Hi,

I am using openssl 9.8h .Is there any patches to fix this bug for openssl
9.8h

Please Help

Thanks
Joshi

On Sat, Nov 1, 2008 at 4:25 PM, Steve Pincaud via RT wrote:

> Hi,Sorry for the late reply, I did not subscrive to the mailing list
> (and
> therfore did not receive the replies from Rafael & Kyle ) , so just to
> clarify I was using Apache HTTPd 2.2.9 and had issues with its bundled
> version of openSSL which was 0.9.8h , I understood correctly the issue is
> now fixed in the latest release 0.9.8i.
>
> The good news is that I see the latest Apache release 2.0.10 (see at
> http://httpd.apache.org/download.cgi) , is now including including OpenSSL
> 0.9.8i , so my issue should fixed in fact.
>
> See also :
> https://issues.apache.org/bugzilla/s...g.cgi?id=45763
> https://issues.apache.org/bugzilla/s...g.cgi?id=43822
>
> Kind regards,
>
> Steve
>
>
> Re: [openssl.org #1725] OpenSSL-0.9.8h: Bug in Certificate Request
> generation
>
> Kyle Hamilton
> Mon, 08 Sep 2008 17:18:27 -0700
>
> "ETA" is "Estimated Time of Arrival". Basically, he's asking when
> OpenSSL 0.9.8i is going to be released.
>
> -Kyle H
>
> On Mon, Sep 8, 2008 at 1:39 PM, Rafael Jorge Csura Szendrodi via RT
> <[EMAIL PROTECTED]> wrote:
> >
> > Hi,
> >
> > On Mon, 8 Sep 2008 16:44:43 +0200 (CEST), Steve Pincaud via RT wrote
> >> Hi,
> >>
> >> I have seen the issue will be fixed in the next release, do you have an

> ETA
> > ? (0.9.8i or 0.9.9 ?) , I would then ask Apache team when such new

> OpenSSL
> > milestone would be bundled in Apache2 HTTPd (2.3 ?!)
> >
> > Excuse-me... But I didn't understand anything... What's means ETA???
> > I came back to OpenSSL-0.9.8g and I am only waiting for a new release of
> > OpenSSL (i.e. 0.9.8i). But, I generated all certificates using same the
> > OpenSSL-0.9.8g.
> > I only reported a bug in OpenSSL-0.9.8h (at Fri, 01 Aug 2008 05:24:58

> -0700)
> > and you answered (at Sun, 03 Aug 2008 05:55:19 -0700) that this bug was

> fixed
> > in the 0.9.8 snapshots and will appear in the next OpenSSL release. Ok, I

> was
> > satisfied with you response and I am waiting for the next stable version

> of
> > OpenSSL. But, until the next version arrive, the OpenSSL-0.9.8g is

> working
> > fine for me...
> >
> > Excuse-me, but I didn't understand what you are asking me now? I didn't

> hope
> > you returned to that subject.
> >
> > Regards,
> > Rafael
> >
> >>
> >> Regards,
> >>
> >> Steve

> >
> > --
> > Atenciosamente,
> > Rafael Jorge Csura Szendrodi
> > Network Administrator - PADS/COPPE/UFRJ

>
> > E-mail: [EMAIL PROTECTED]

>
>
>
> 2008/9/8 Steve Pincaud
>
> > Hi,
> >
> > I have seen the issue will be fixed in the next release<

> http://www.mail-archive.com/openssl-dev@openssl.org/msg24330.html>,
> > do you have an ETA ? (0.9.8i or 0.9.9 ?) , I would then ask Apache team

> when
> > such new OpenSSL milestone would be bundled in Apache2 HTTPd (2.3 ?!)
> >
> > Regards,
> >
> > Steve
> >
> >
> >

>
>
> Hi,Sorry for the late reply, I did not subscrive to the mailing list (and
> therfore did not receive the replies from Rafael & Kyle ) , so just to
> clarify I was using Apache HTTPd 2.2.9 and had issues with its bundled
> version of openSSL which was 0.9.8h , I understood correctly the issue is
> now fixed in the latest release 0.9.8i.
>
> The good news is that I see the latest Apache release 2.0.10 (see at
> http://httpd.apache.org/download.cgi) , is now including including OpenSSL
> 0.9.8i , so my issue should fixed in fact.
>
> See also :
> https://issues.apache.org/bugzilla/show_bug.cgi?id=45763
> https://issues.apache.org/bugzilla/show_bug.cgi?id=43822
>
> Kind regards,
>
> Steve
>
>
> Re: [openssl.org #1725] OpenSSL-0.9.8h: Bug in Certificate Request
> generation
>
> Kyle Hamilton
> Mon, 08 Sep 2008 17:18:27 -0700
>
> "ETA" is "Estimated Time of Arrival". Basically, he's asking when
> OpenSSL 0.9.8i is going to be released.
>
> -Kyle H
>
> On Mon, Sep 8, 2008 at 1:39 PM, Rafael Jorge Csura Szendrodi via RT
>
> <[EMAIL PROTECTED]> wrote:
> >
> > Hi,
> >
> > On Mon, 8 Sep 2008 16:44:43 +0200 (CEST), Steve Pincaud via RT wrote
> >> Hi,
> >>
> >> I have seen the issue will be fixed in the next release, do you have an ETA

>
> > ? (0.9.8i or 0.9.9 ?) , I would then ask Apache team when such new OpenSSL
> > milestone would be bundled in Apache2 HTTPd (2.3 ?!)
> >
> > Excuse-me... But I didn't understand anything... What's means ETA???

>
> > I came back to OpenSSL-0.9.8g and I am only waiting for a new release of
> > OpenSSL (i.e. 0.9.8i). But, I generated all certificates using same the
> > OpenSSL-0.9.8g.
> > I only reported a bug in OpenSSL-0.9.8h (at Fri, 01 Aug 2008 05:24:58 -0700)

>
> > and you answered (at Sun, 03 Aug 2008 05:55:19 -0700) that this bug was fixed
> > in the 0.9.8 snapshots and will appear in the next OpenSSL release. Ok, I was
> > satisfied with you response and I am waiting for the next stable version of

>
> > OpenSSL. But, until the next version arrive, the OpenSSL-0.9.8g is working
> > fine for me...
> >
> > Excuse-me, but I didn't understand what you are asking me now? I didn't hope
> > you returned to that subject.

>
> >
> > Regards,
> > Rafael
> >
> >>
> >> Regards,
> >>
> >> Steve

> >
> > --
> > Atenciosamente,
> > Rafael Jorge Csura Szendrodi

>
> > Network Administrator - PADS/COPPE/UFRJ

>
> > E-mail: [EMAIL PROTECTED]

>
>
>
> 2008/9/8 Steve Pincaud
>
>> Hi,
>>
>> I have seen the issue will be fixed in the next release,
>> do you have an ETA ? (0.9.8i or 0.9.9 ?) , I would then ask Apache team when
>> such new OpenSSL milestone would be bundled in Apache2 HTTPd (2.3 ?!)
>>
>> Regards,
>>
>> Steve
>>
>>
>>

>
>
>
>



--
Regards
Joshi Chandran