https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
Bug ID: 57465 Summary: Build TC Native with with latest OpenSSL to address CVEs Product: Tomcat Native Version: 1.1.32 Hardware: PC Status: NEW Severity: major Priority: P2 Component: Library Assignee: dev@tomcat.apache.org Reporter: brian.m.pick...@gmail.com OpenSSL has a reported 8 CVE's affecting 1.0.1j and older since October last year, which is the version that's built into the latest windows binary, version 1.1.32. Please build with the latest version of OpenSSL (1.0.1l at this time) which addresses all of these issues. https://www.openssl.org/news/vulnerabilities.html -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org