On Sat, Mar 07, 2015 at 06:14:17PM +0100, Allauddin Ahmad via RT wrote:
OpenSSL 0.9.7 has been unsupported for quite some time. Therefore,
as far as I know the OpenSSL team is not checking 0.9.7 to verify
whether it is or is not affected by any recent vulnerability
disclosures. It is almost
Dear Concerned:
Can you please confirm that OpenSSL branch 0.9.7 branch is not affected by:
*DTLS segmentation fault in dtls1_get_record (CVE-2014-3571
(CVE-2015-0206
*DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
*no-ssl3 configuration sets method to NULL
On Sat, Mar 07, 2015, Allauddin Ahmad via RT wrote:
Dear Concerned:
Can you please confirm that OpenSSL branch 0.9.7 branch is not affected by:
As Viktor mentioned 0.9.7 is no longer being maintained.
However the following two issues will be present in 0.9.7:
*RSA silently
Closing ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
lease
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev