Based solely on the CVE information, I'd surmise we aren't affected by
CVE-2017-3733, because we don't have any OpenSSL 1.1.0 in the
repositories - anywhere. The original Apache announcement also
indicated that 1.0.2 is not affected, and the Security Team made a note
that only OpenSSL 1.1.x is aff
On Tue, Sep 19, 2017 at 03:31:22AM +, Eric Yuen wrote:
> I am looking for a contact to reach out in regards
> https://packages.ubuntu.com/trusty/openssl on Trusty and having an update to
> the OpenSSL package updated with CVE-2017-3733
The CVE database reports that Trusty is not affected by
Hi folks,
I am looking for a contact to reach out in regards
https://packages.ubuntu.com/trusty/openssl on Trusty and having an update to
the OpenSSL package updated with CVE-2017-3733
Please kindly forward a contact, appreciated it.
I reached this contact via
Maintainer:
* Ubuntu Develo