Hello, My name is Jorge Torres and I'm a software engineer at EMC Corp. I work with two EMC products which utilize OpenSSL version 0.9.8 (on Windows x86 and x64, Solaris, HP, AIX and Linux), and I am writing this email in regards to the advisory described in the following link: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
Essentially, we need OpenSSL version 1.0.2 in order to resolve a security vulnerability. However, upgrading to OpenSSL 1.0.2 would require a significant amount of effort from our end. Are there any patches for OpenSSL 0.9.8 that would address this issue? I did review a list of commit diffs listed in this link: http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0294b2be5f4c11 However, I cannot apply those diffs to the 0.9.8 version of the .c files. It looks like 0.9.8 is too old. I appreciate any help you can provide. Thank you, - Jorge Torres ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
