Hi Fajar, Le 13/10/2015 10:47, Fajar A. Nugraha a écrit :
The warning Allan posted was about servers that use openssl-1.0.2, like debian testing and ubuntu wily (which should be released this month). The fix is present in git, and will be present in the next 3.0.11 (whenever that is), but there probably won't be any 2.2.10 due to EOL policy. In which case the "fix" that admins can use is to ensure: - NOT use openssl-1.0.2. Not an issue if they already stick to LTS release anyway. OR - Build their own FR version from git, and later upgrade to 3.0.11 when that is released.
I agree with Arran here. Admins wishing to use openssl-1.0.2 on their server should use the git version or 3.0.11+.
Thanks for your detailed explanations. In fact, I don't want to bother with recompiling by hand any application that I use, and follow all of bugs and securty annoucements, and if one is compatible with the other. It's why I prefer to let this job to distro manager, and update my distro on a regular basis. Alain -- Administrateur Système/Réseau Laboratoire de Photonique et Nanostructures (LPN/CNRS - UPR20) Centre de Recherche Alcatel Data IV - Marcoussis route de Nozay - 91460 Marcoussis Tel : 01-69-63-61-34