You are not logged in.
- Topics: Active | Unanswered
#1 2007-04-21 11:07:34
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Upstream bug in openssl 0.9.8e
A bug has been reported in openssl 0.9.8e that could have potentially critical consequences for some users. Please refer to this news item for full details.
I would be grateful if users of the testing repo could install this as soon as possible. I do not expect any difficulties with the implemented fix, but if there are, report them in this thread or in the bugtracker.
Thanks and regards
Offline
#2 2007-04-22 07:04:19
- mcover
- Member
- From: Germany
- Registered: 2007-01-25
- Posts: 134
Re: Upstream bug in openssl 0.9.8e
Hi,
couple months ago I also had the problem that I could not mount an encrypted folder (EncFS) that I created some time ago. I thought, oh well maybe the new EncFS is incompatible with folders created with earlier versions, then installed Ubuntu (which is known to have non-bleeding-edge stuff) in qemu and recovered my files.
I kept a backup of the exact folder which I was not able to mount with EncFS. I just tested openssl-0.9.8e-3 with it and I could successfully mount my encrypted folder. I then tested doing the exact same thing with openssl-0.9.8e-2, which obviously did not work at all.
So, thanks for identifying this problem and patching openssl.
Last edited by mcover (2007-04-22 07:05:16)
Offline
#3 2007-04-22 12:10:12
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: Upstream bug in openssl 0.9.8e
Good news, and thanks for the additional test.
Offline
#4 2007-04-30 20:30:56
- quayrodent
- Member
- Registered: 2007-01-18
- Posts: 7
Re: Upstream bug in openssl 0.9.8e
I don't know if this will be of interest, but we've been using Box Backup, an online backup system that uses data encryption. Much to my consternation, after recently upgrading to Voodoo (and hence openssl-0.9.8e-2,) my server backups were failing and I could no longer access my existing backup stores. My windows clients are still working successfully, so that gave me an out as I can import my server keys to a windows machine and retrieve data that way.
I am happy to report that after installing openssl-0.9.8e-3 on a test Arch server, I was able to backup and successfully restore once again.
Thanks much, and godspeed on the testing!
Offline
#5 2007-04-30 20:53:07
- tomk
- Forum Fellow
- From: Ireland
- Registered: 2004-07-21
- Posts: 9,839
Re: Upstream bug in openssl 0.9.8e
Definitely of interest, and an additional positive test result. Many thanks.
0.9.8e-3 has now moved to Current.
Offline