Hi,Sorry for the late reply, I did not subscrive to the mailing list (and
therfore did not receive the replies from Rafael Kyle ) , so just to
clarify I was using Apache HTTPd 2.2.9 and had issues with its bundled
version of openSSL which was 0.9.8h , I understood correctly the issue is
now
Hi,
I am using openssl 9.8h .Is there any patches to fix this bug for openssl
9.8h
Please Help
Thanks
Joshi
On Sat, Nov 1, 2008 at 4:25 PM, Steve Pincaud via RT [EMAIL PROTECTED] wrote:
Hi,Sorry for the late reply, I did not subscrive to the mailing list
(and
therfore did not receive the
Hi All,
From my reading of the bugtraq info, the problem is in the
zlib_stateful_init() function in Openssl versions 0.9.8f through 0.9.8h
which can be exploited via any application utilizing openssl, including
Apache.
Here is a reference from the OpenSSL Project:
Could you please test the other suggested bn_lcl.h modification? While
you're on it...
I cannot actually test it... I can compile and users may test.
I don't have a win64 machine.
How is it tested? Implicitly by an application being inter-operable with
another? Meaning that only only part
On 11/1/08, Andy Polyakov via RT [EMAIL PROTECTED] wrote:
Could you please test the other suggested bn_lcl.h modification? While
you're on it...
I cannot actually test it... I can compile and users may test.
I don't have a win64 machine.
How is it tested? Implicitly by an
Hi,Sorry for the late reply, I did not subscrive to the mailing list (and
therfore did not receive the replies from Rafael Kyle ) , so just to
clarify I was using Apache HTTPd 2.2.9 and had issues with its bundled
version of openSSL which was 0.9.8h , I understood correctly the issue is
now
I managed to produce them myself with
mingw-w64-bin_x86-64-linux_20080921.tar.bz2. Modified sha512.c is fine,
Great!
My environment is gcc-4.3.2, binutils-CVS-head, mingw-w64-SVN-head as
20080921 is equipped with gcc-4.4.0 and whatever the rest it is equipped
with.
modified bn_lcl.h
Great!
Can you commit the mingw64 other stuff?
On 11/1/08, Andy Polyakov via RT [EMAIL PROTECTED] wrote:
I managed to produce them myself with
mingw-w64-bin_x86-64-linux_20080921.tar.bz2. Modified sha512.c is fine,
Great!
My environment is gcc-4.3.2, binutils-CVS-head,