You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/06/25 17:27:31 UTC
[tomcat-native] branch master updated: Bump the minimum OpenSSL
version
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat-native.git
The following commit(s) were added to refs/heads/master by this push:
new f03ed09 Bump the minimum OpenSSL version
f03ed09 is described below
commit f03ed09d43095375e46f16327b3f29ee5a019009
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Tue Jun 25 18:27:03 2019 +0100
Bump the minimum OpenSSL version
I don't think CVE-2019-1559 applies to Tomcat Native but err on the side
of caution.
---
native/srclib/VERSIONS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/native/srclib/VERSIONS b/native/srclib/VERSIONS
index 82fade5..a5feb4c 100644
--- a/native/srclib/VERSIONS
+++ b/native/srclib/VERSIONS
@@ -1,4 +1,4 @@
Use the following version of the libraries
- APR 1.6.5 or later, http://apr.apache.org
-- OpenSSL 1.0.2q or later, http://www.openssl.org
+- OpenSSL 1.0.2r or later, http://www.openssl.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org