On Wed, Jun 11, 2014 at 04:09:47PM +0000, Scott Neugroschl wrote: > I know 0.9.7 is no longer under development, but for various > reasons, I have an app that is still using 0.9.7g. > Is 0.9.7g subject to the vulnerability from CVD-0214-0224?
There are I expect many unresolved issues (even if not the particular one in question) in the long ago un-maintained 0.9.7 release. So my advice is that if this application is communicating over the public Internet, it needs to be upgraded or retired. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org