On Wed, Jun 11, 2014 at 04:09:47PM +0000, Scott Neugroschl wrote:
> I know 0.9.7 is no longer under development, but for various
> reasons, I have an app that is still using 0.9.7g.
> Is 0.9.7g subject to the vulnerability from CVD-0214-0224?
There are I expect many unresolved issues (even if not the particular
one in question) in the long ago un-maintained 0.9.7 release. So
my advice is that if this application is communicating over the
public Internet, it needs to be upgraded or retired.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
