Hi,

I've recently seen OpenSSL 1.0.1f and 1.0.0l releases which fix some 
security issues.
Your vulnerabilities page state it only affect some 1.0.0* and 1.0.1* 
releases.
However, when I look at these URLs, I'm under the impression it also 
affects 0.9.8y.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6450
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6449


Question(s)
Are these 2 security issues affecting 0.9.8.y ?
If so, will you release a 0.9.8z version that will fix them?
If not why? Is it because 0.9.8 is now unsupported? If so, would be great 
if you could state it on your website


Best regards,

Yannick Bergeron
Advisory IT Specialist

Reply via email to