On Mon, Jun 03, 2002 at 04:01:38PM -0400, Lenny Miceli wrote:
> I've tried to search the archives/bug reports/faq's and didn't find any
> definitive answers on the zlib Double Free Bug CERT's Advisory CA-2002-07
> issue. Does openssl v0.9.6b or above have this issue? I know if you do a
> stings on libcrypto.a you find zlib alot, so I assume somehow the zlib library
> is used in crypto/comp/c_zlib.c or somewhere. Thanks for any help
> you can give me.
If not explicitely selected, OpenSSL is not compiled with zlib-support.
And even if it would be compiled in, it won't be used by default, unless
an application enables it. I am not aware of any publicly available
application using zlib functionality inside OpenSSL.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
