On Tue, Apr 8, 2014, at 11:37 PM, Andreas Krey wrote: > On Tue, 08 Apr 2014 22:06:31 +0000, Geoff Down wrote: > > > ... > > /library/tor/bin/tor: > > /opt/local/lib/libz.1.dylib (compatibility version 1.0.0, > > current version 1.2.5) > > /opt/local/lib/libevent-2.0.5.dylib (compatibility version > > 7.0.0, current version 7.4.0) > > /opt/local/lib/libssl.1.0.0.dylib (compatibility version 1.0.0, > > current version 1.0.0) > > /opt/local/lib/libcrypto.1.0.0.dylib (compatibility version > > 1.0.0, current version 1.0.0) > > /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current > > version 88.1.12) > > > > libssl==openssl? If so, not vulnerable > > Yes, and yes. >
otool gives the same results after recompiling with openssl 1.0.1g - tor is definitely using the new version though. Just curious why otool says that - as does the file listing: Apr 11 02:47 /opt/local/lib/libssl.1.0.0.dylib GD -- http://www.fastmail.fm - Send your email first class -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
