home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
kermit.columbia.edu
/
kermit.columbia.edu.tar
/
kermit.columbia.edu
/
newsgroups
/
misc.20031118-20041115
/
000204_jaltman2@nyc.rr.com_Tue Apr 13 17:28:50 2004.msg
< prev
next >
Wrap
Internet Message Format
|
2004-11-14
|
2KB
Path: newsmaster.cc.columbia.edu!newsfeed.nyu.edu!newsfeed.arcor-online.net!in.100proofnews.com!in.100proofnews.com!cycny01.gnilink.net!cyclone1.gnilink.net!gnilink.net!cyclone.rdc-nyc.rr.com!news-out.nyc.rr.com!twister.nyc.rr.com.POSTED!53ab2750!not-for-mail
From: Jeffrey Altman <jaltman2@nyc.rr.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7b) Gecko/20040316
X-Accept-Language: en-us, en
MIME-Version: 1.0
Newsgroups: comp.protocols.kermit.misc
Subject: Re: FTP with Auth SSL
References: <c5bv8301ck0@drn.newsguy.com> <GWfec.23377$Nn4.4630542@twister.nyc.rr.com> <c5clci0adl@drn.newsguy.com> <407A073D.7040004@nyc.rr.com> <c5d66301vto@drn.newsguy.com> <407A990B.3040105@nyc.rr.com> <c5emg3093u@drn.newsguy.com> <407AE686.3030209@nyc.rr.com> <c5gjnr030c7@drn.newsguy.com> <407BF7E6.2030705@nyc.rr.com> <c5h18401e40@drn.newsguy.com> <407C157E.6040105@nyc.rr.com> <m1brlvpqyt.gnus@usa.net>
In-Reply-To: <m1brlvpqyt.gnus@usa.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Lines: 13
Message-ID: <vjYec.37650$WA4.1158@twister.nyc.rr.com>
Date: Tue, 13 Apr 2004 20:45:15 GMT
NNTP-Posting-Host: 24.193.46.55
X-Complaints-To: abuse@rr.com
X-Trace: twister.nyc.rr.com 1081889115 24.193.46.55 (Tue, 13 Apr 2004 16:45:15 EDT)
NNTP-Posting-Date: Tue, 13 Apr 2004 16:45:15 EDT
Organization: Road Runner - NYC
Xref: newsmaster.cc.columbia.edu comp.protocols.kermit.misc:14917
those who know me have no need of my name wrote:
> redhat is infamous for backporting patches, but since it's not the official
> patch they don't bump the official version just their own package version,
> which in some ways is good, but it makes for some confusion, which isn't
> great especially when security errata is involved. openssl-0.9.7a-20.2 is
> redhat's current package and is supposed to cover the same errata as the
> openssl project's 0.9.7d.
The problem is I don't know if a back port of the security patches would
also include bug fixes which for example prevent OpenSSL from
negotiating SSLv3/TLSv1 with IBM's EDI servers.
So this does not necessarily help the end users