Hi,

You have probably heard of the now famous "heartblead" bug of the OpenSSL
library.
http://heartbleed.com/

StrawberryPerl is bundled with a binary of the OpenSSL library so I'm
wondering if StrawberryPerl is affected by the bug.

I had a look at the release notes of StrawberryPerl to look for the version
number of the OpenSSL and all versions of StrawberryPerl since at least
5.16.0.1 have an OpenSSL in the range affected by the heartbleed bug.

It would be helpful to have an official statement from the StrawberryPerl
team regarding this issue and to display it prominently on the
StrawberryPerl.com page.

Olivier Mengué
https://metacpan.org/author/DOLMEN

Reply via email to