We were using openssl 1.0.1c, built fipscanister.lib which is linked to libeay32.dll and ssleay32.dll. The output files ( libeay32.dll ) were submitted for FIPS validation. Now after openssl 1.0.1f, we need to upgrade ssl library to version 1.0.1f. But fips validation is already done on 1.0.1c. Do we need FIPS revalidatation even security patch is in OpenSSL ? We are patching openssl and the cyypto module.
Thanks, -- View this message in context: http://openssl.6102.n7.nabble.com/FIPS-revalidation-after-openssl-vulnerability-fix-tp48343.html Sent from the OpenSSL - Dev mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
