Hi, I've recently seen OpenSSL 1.0.1f and 1.0.0l releases which fix some security issues. Your vulnerabilities page state it only affect some 1.0.0* and 1.0.1* releases. However, when I look at these URLs, I'm under the impression it also affects 0.9.8y. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6450 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6449
Question(s) Are these 2 security issues affecting 0.9.8.y ? If so, will you release a 0.9.8z version that will fix them? If not why? Is it because 0.9.8 is now unsupported? If so, would be great if you could state it on your website Best regards, Yannick Bergeron Advisory IT Specialist