* Olivier Mengué <olivier.men...@gmail.com> [2014-04-17 10:45]: > Many Linux distribution will add a patch over the existing OpenSSL > code, without changing the version number.
Or they recompile the library with the OPENSSL_NO_HEARTBEATS defined – no patches even necessary. > A proper check for heartbleed would really test the implementation > using real calls to the openssl API, exchanging real packets, using > inspiration from PaceMaker. > https://github.com/Lekensteyn/pacemaker Indeed. Regards, -- Aristotle Pagaltzis // <http://plasmasturm.org/>