Hello, In light of vulnerability CVE-2012-2110 in OpenSSL, what is the strategy of providing fixes for existing Android versions? The recommendation (http://www.openssl.org/news/secadv_20120419.txt) is to upgrade to 0.9.8v, 1.0.0i or 1.0.1a. Are there any patches available for specific OpenSSL versions on GB and ICS or the code will be updated to the recommended version?
Thanks, Andrew -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/Utdc4ncMx8kJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
