On Fri, 2002-08-09 at 15:33, Andreas Hasenack wrote: > Em Fri, Aug 09, 2002 at 09:58:03AM -0700, MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1) >escreveu: > > With the recent vulnerabilities found in OpenSSL, I thought it'd make sense > > for Apache to check for OpenSSL 0.9.6e or higher. > > And what about patched openssl versions? Given the notorious > binary incompatibility even between minor openssl releases, not > everybody is going to update to the latest version, but patch > the ones they have. Also, I think that check will fail on 0.9.7 which is coming RSN.
> -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: [EMAIL PROTECTED] US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
