Hi - I have a question regarding heartbleed and httpd configuration data
leakage. It was suggested that I ask this on the dev list as well.
Should
someone have been exploiting this bug, would it be possible that httpd
configuration data, derived via httpd confg files and in apache's
memory, could have been leaked out through these openssl malloc calls?
Or is the memory space those malloc calls for the openssl
encryption/decryption layer isolated from the memory where httpd
configuration is stored?
thanks
