Anyone aware of this new OpenSSL problem ??
"Next, it's time to patch the system. CERT's advisory on the worm recommends that administrators update OpenSSL to 0.9.6e, but this version doesn't fix all of the known problems; it's best to update to OpenSSL 0.9.6g or 0.9.7 beta3 (which, while it's a beta version, seems quite solid). You may either compile the new version from the source code (available at the link just above) or obtain an update package from the publisher of your Linux distribution. (F-Secure's Slapper page contains links to advisories and patches from several of the largest vendors, as well as much useful information about the worm.) If you own a "turnkey" device -- such as a personal video recorder or SOHO firewall -- with embedded Linux inside, you should likewise check with your vendor for a patch -- especially if the device operates as a Web server or has a Web-based interface.
This thread was automatically locked due to age.
