Does it matter if you are only using client-side SSL, if you are not running a 
server with Strawberry but just connecting to sites?

--
Matthew

> On Apr 16, 2014, at 1:31, "kmx" <k...@atlas.cz> wrote:
> 
> Olivier,
> 
> You can try updated strawberry perl from:
> 
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-32bit.msi
>  
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-64bit.msi
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-32bit.zip
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-64bit.zip
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-32bit-portable.zip
> http://strawberryperl.com/download/5.18.2.2/strawberry-perl-5.18.2.2-64bit-portable.zip
> 
> --
> kmx
> 
>> On 15.4.2014 0:36, kmx wrote:
>> Hi,
>> 
>> you can get updated openssl binaries from:
>> - http://strawberryperl.com/package/kmx/64_libs/gcc47-2014Q1/
>> - http://strawberryperl.com/package/kmx/32_libs/gcc47-2014Q1/
>> 
>> I am considering releasing strawberry perl 5.18.2.2 (with new openssl) 
>> before the end of April.
>> 
>> --
>> kmx
>> 
>>> On 12.4.2014 20:45, Olivier Mengué wrote:
>>> Hi,
>>> 
>>> You have probably heard of the now famous "heartblead" bug of the OpenSSL 
>>> library.
>>> http://heartbleed.com/
>>> 
>>> StrawberryPerl is bundled with a binary of the OpenSSL library so I'm 
>>> wondering if StrawberryPerl is affected by the bug.
>>> 
>>> I had a look at the release notes of StrawberryPerl to look for the version 
>>> number of the OpenSSL and all versions of StrawberryPerl since at least 
>>> 5.16.0.1 have an OpenSSL in the range affected by the heartbleed bug.
>>> 
>>> It would be helpful to have an official statement from the StrawberryPerl 
>>> team regarding this issue and to display it prominently on the 
>>> StrawberryPerl.com page.
>>> 
>>> Olivier Mengué
>>> https://metacpan.org/author/DOLMEN
> 

Reply via email to