[csw-maintainers] Openssl vulnerability CVE-2009-3555
Peter Bonivart
bonivart at opencsw.org
Wed Dec 2 22:56:36 CET 2009
On Wed, Dec 2, 2009 at 10:04 PM, Yann Rouillard <yann at pleiades.fr.eu.org> wrote:
> - release openssl 0.9.8l with renegotiation disabled and warn our users.
> It would be nice for users who don't want to upgrade to be able to forbid
> a package upgrade in pkg-get / pkgutil configuration.
Users of pkgutil 1.9 could add the following in pkgutil.conf:
exclude_pattern=CSWossl
That should skip the openssl packages.
peter at opensolaris:~$ sudo pkgutil -i openssl
Parsing catalog, may take a while...
CURRENT packages:
CSWcacertificates-20091101,REV=2009.11.01
CSWcommon-1.4.7,REV=2009.09.20
CSWcswclassutils-1.30,REV=2009.11.21
EXCLUDED packages:
CSWossl
CSWossldevel
CSWosslrt
CSWosslutils
Nothing to do.
peter at opensolaris:~$
--
/peter
More information about the maintainers
mailing list