You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by "Boehme, Alfred" <al...@ts.fujitsu.com> on 2009/07/07 10:37:54 UTC

[users@httpd] Vulnerabilities in OpenSSL

Hello,

I noticed the announcement of some vulnerabilities in OpenSSL:
CVE-2009-0590, CVE-2009-0591 and CVE-2009-0789.

Solution would be to upgrade to 0.9.8k.

But I'm using the binary distribution of Apache (2.0.63 with OpenSSL 0.9.7m) and there is no newer one available. I don't want to switch to Apache 2.2.

Is there a version of Apache planned together with a fix version of OpenSSL ?

Best Regards

--
Alfred Boehme
Manager Development
FTS TSP x86 E SW 4
 
Fujitsu Technology Solutions GmbH
Otto-Hahn-Ring 6
81730 Munich
Germany
 
Telephone:       +49 89 636 43013
Telefax:         +49 89 636 41215
 
email:           mailto:Alfred.Boehme@ts.fujitsu.com
 
Internet:        http://ts.fujitsu.com
Company Details: http://ts.fujitsu.com/imprint.html
 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org