[Bug 57465] New: Build TC Native with with latest OpenSSL to address CVEs

bugzilla Mon, 19 Jan 2015 07:39:06 -0800

https://issues.apache.org/bugzilla/show_bug.cgi?id=57465


            Bug ID: 57465
           Summary: Build TC Native with with latest OpenSSL to address
                    CVEs
           Product: Tomcat Native
           Version: 1.1.32
          Hardware: PC
            Status: NEW
          Severity: major
          Priority: P2
         Component: Library
          Assignee: dev@tomcat.apache.org
          Reporter: brian.m.pick...@gmail.com

OpenSSL has a reported 8 CVE's affecting 1.0.1j and older since October last
year, which is the version that's built into the latest windows binary, version
1.1.32.

Please build with the latest version of OpenSSL (1.0.1l at this time) which
addresses all of these issues.

https://www.openssl.org/news/vulnerabilities.html

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 57465] New: Build TC Native with with latest OpenSSL to address CVEs

Reply via email to