https://bz.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #9 from michael.lit...@nuix.com ---
I was able to download tcnative-1.dll version 1.1.33 from
http://apache.spinellicreations.com/tomcat/tomcat-connectors/native/1.1.33/
Thanks very much.
--
You are receiving this mail because:
https://bz.apache.org/bugzilla/show_bug.cgi?id=57465
Mark Thomas ma...@apache.org changed:
What|Removed |Added
Status|NEW |RESOLVED
https://bz.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #7 from michael.lit...@nuix.com ---
I took a look at the steps for building tcnative-1.dll, at
http://wiki.apache.org/tomcat/BuildTcNativeWin, and found them to be beyond my
skill level.
I've asked the vendor of the application I
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
Brett Randall javabr...@gmail.com changed:
What|Removed |Added
CC|
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #2 from brian.m.pick...@gmail.com ---
Unless I'm somehow mistaken I believe the following CVEs apply to openssl
1.0.1j and I believe tcnative 1.1.31 is built with 1.0.1j.
CVE-2014-3569: 21st October 2014
CVE-2014-8275: 5th
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #5 from brian.m.pick...@gmail.com ---
(In reply to Mark Thomas from comment #4)
Again, which of those do you think apply to tc-native? Just because OpenSSL
has a vulnerability that does not mean that tc-native automatically
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
Mark Thomas ma...@apache.org changed:
What|Removed |Added
OS||All
--- Comment #1
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #3 from brian.m.pick...@gmail.com ---
(In reply to brian.m.pickens from comment #2)
Unless I'm somehow mistaken I believe the following CVEs apply to openssl
1.0.1j and I believe tcnative 1.1.31 is built with 1.0.1j.
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #4 from Mark Thomas ma...@apache.org ---
Again, which of those do you think apply to tc-native? Just because OpenSSL has
a vulnerability that does not mean that tc-native automatically has the
vulnerability.
--
You are
https://issues.apache.org/bugzilla/show_bug.cgi?id=57465
--- Comment #6 from Mark Thomas ma...@apache.org ---
DTLS is not supported by tc-native.
Neither was the no-ssl3 buidl option used to produce the Windows binaries.
The client issues are also clearly not relevant.
That leaves three
10 matches
Mail list logo