[Rhodes22-list] Headup, list admin
Michael Meltzer
rhodes22-list@rhodes22.org
Thu, 1 Aug 2002 00:14:34 -0400
This is a multi-part message in MIME format.
------=_NextPart_000_0071_01C238F0.6A751640
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
It not only me, 50% of the web should be doing the same thing tonight. =
openssl is used by everyone and every body. this is a real screw up on =
the openssl people front. Their is no problem with the list, a buffer =
overrun was found in the SSL libs that is used to secure privacy on the =
web. The hole is big enough that the machine can be taken over which is =
very very bad, extremity when you consider that SSL is a security =
package in it self. This is preventive medicine, thing of it as a condom =
before someone try to give us the clap :-)
MJM
----- Original Message -----=20
From: Rik Sandberg=20
To: rhodes22-list@rhodes22.org=20
Sent: Thursday, August 01, 2002 12:08 AM
Subject: Re: [Rhodes22-list] Headup, list admin
Thanks Michael,
Your doing a heck of a job. AND, what's this???? notice that there is =
going to be a problem????? What a concept. Never seen that done before. =
:-) :-)
Thanks for letting us know, I, for one, got kinda tired of never =
having a clue what the heck was going on.
Rik
At 11:49 PM 7/31/2002 -0400, you wrote:
Looks like throes group screwed the pooch again(openssl), I have an =
emergency upgrade to the systems taking place right now, The SSL =
libraries are being replaced on this machine right now and the packages =
that they link to, security upgrade before the script kiddes find out, =
the list might be slow 0:00-3:00 with about a 15 minutes outage as the =
machine is boot in to the new kernel and packages, no member need to due =
anything, just a heads up.
=20
MJM
------=_NextPart_000_0071_01C238F0.6A751640
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2716.2200" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>It not only me, 50% of the web should =
be doing the=20
same thing tonight. openssl is used by everyone and every body. this is =
a real=20
screw up on the openssl people front. Their is no problem with the list, =
a=20
buffer overrun was found in the SSL libs that is used to secure privacy =
on the=20
web. The hole is big enough that the machine can be taken over which is =
very=20
very bad, extremity when you consider that SSL is a security package in =
it self.=20
This is preventive medicine, thing of it as a condom before someone try =
to give=20
us the clap :-)</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>MJM</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial"> ----- Original Message ----- =
</DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dracerrik@rea-alp.com =
href=3D"mailto:racerrik@rea-alp.com">Rik=20
Sandberg</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A =
title=3Drhodes22-list@rhodes22.org=20
=
href=3D"mailto:rhodes22-list@rhodes22.org">rhodes22-list@rhodes22.org</A>=
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Thursday, August 01, 2002 =
12:08=20
AM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> Re: [Rhodes22-list] =
Headup, list=20
admin</DIV>
<DIV><BR></DIV>Thanks Michael,<BR><BR>Your doing a heck of a job. AND, =
what's=20
this???? notice that there is going to be a problem????? What a =
concept. Never=20
seen that done before. :-) :-)<BR><BR>Thanks for letting us know, I, =
for one,=20
got kinda tired of never having a clue what the heck was going=20
on.<BR><BR>Rik<BR><BR><BR><BR>At 11:49 PM 7/31/2002 -0400, you =
wrote:<BR>
<BLOCKQUOTE class=3Dcite cite=3D"" type=3D"cite"><FONT face=3Darial =
size=3D2>Looks=20
like throes group screwed the pooch again(openssl), I have an =
emergency=20
upgrade to the systems taking place right now, The SSL libraries are =
being=20
replaced on this machine right now and the packages that they link =
to,=20
security upgrade before the script kiddes find out, the list might =
be slow=20
0:00-3:00 with about a 15 minutes outage as the machine is boot in =
to the=20
new kernel and packages, no member need to due anything, just a =
heads=20
up.</FONT><BR> <BR><FONT face=3Darial=20
size=3D2>MJM</FONT></BLOCKQUOTE></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0071_01C238F0.6A751640--