Hi, Peter! On Apr 10, Peter Laursen wrote: > What about this > http://security.stackexchange.com/questions/55249/what-clients-are-proven-to-be-vulnerable-to-heartbleed(MariaDB > 5.5.36 is listed). > > And what about the C-API?
MariaDB 5.5.36 is vulnerable when it is built with system OpenSSL and system OpenSSL is vulnerable. Just as any executable, linked with OpenSSL. The fix is to upgrade system OpenSSL. That's why we prefer to link with system dynamic libraries, not with bundled static ones. Regards, Sergei _______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : [email protected] Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
