What about this http://security.stackexchange.com/questions/55249/what-clients-are-proven-to-be-vulnerable-to-heartbleed(MariaDB 5.5.36 is listed).
And what about the C-API? -- Peter On Wed, Apr 9, 2014 at 3:31 PM, Peter Laursen <[email protected]>wrote: > I think at least on Windows OpenSSL is statically linked? If so, all > available versions have an afftected OpenSLL inside. > > -- Peter > > > On Wed, Apr 9, 2014 at 3:25 PM, Reindl Harald <[email protected]>wrote: > >> >> >> Am 09.04.2014 15:21, schrieb Peter Laursen: >> > A far as I understand MariaDB uses OpenSSL (unlike Oracle-MySQL that >> uses YaSSL). >> > >> > Now what about the heartbleed bug: http://heartbleed.com/ >> > >> > Will all still suported MariaDB versions (5.1, 5.2, 5.3, 5.5 and 10.0 >> are all still suported I think?) need a >> > release for this bug in OpenSSL? >> >> why should they? >> >> update openssl and restart all daemons which are linking the library >> and consider replace your certificates / private keys if a service >> using openssl was reachable from the internet >> >> that's the idea behind shared libraries >> >> >> _______________________________________________ >> Mailing list: https://launchpad.net/~maria-discuss >> Post to : [email protected] >> Unsubscribe : https://launchpad.net/~maria-discuss >> More help : https://help.launchpad.net/ListHelp >> >> >
_______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : [email protected] Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
