Hello, I noticed the announcement of some vulnerabilities in OpenSSL: CVE-2009-0590, CVE-2009-0591 and CVE-2009-0789.
Solution would be to upgrade to 0.9.8k. But I'm using the binary distribution of Apache (2.0.63 with OpenSSL 0.9.7m) and there is no newer one available. I don't want to switch to Apache 2.2. Does version 0.9.7m also contain the mentioned vulnerabilities? If yes, is there a fix version available? Best Regards -- Alfred Boehme Manager Development Fujitsu Technology Solutions GmbH email: mailto:alfred.boe...@ts.fujitsu.com Internet: http://ts.fujitsu.com Company Details: http://ts.fujitsu.com/imprint.html ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
