Control: found -1 1.0.1k-3+deb8u2 On 2016-04-07 14:40:54 [+0200], Fabrizio Lippolis wrote: > BUG still exists within openssl: 1.0.1k-3+deb8u2 using: debian jessie
Jessie has 1.0.1k-3+deb8u4 by now. Anyway. This is probably getting us nowhere. Is there someone using the SDK successfully? Is there a new version of this SDK? Without a reduced testcase I don't think this will make any progress within the next decade. But looking at google, I found one person with the same bug hacking an email bomb. My guess here based on the error message and goole is that multiple threads are using the same SSL socket without proper locking. And this is not openssl's fault. Sebastian