Does it matter if you are only using client-side SSL, if you are not running a
server with Strawberry but just connecting to sites?
> On Apr 16, 2014, at 1:31, "kmx" <k...@atlas.cz> wrote:
> You can try updated strawberry perl from:
>> On 15.4.2014 0:36, kmx wrote:
>> you can get updated openssl binaries from:
>> - http://strawberryperl.com/package/kmx/64_libs/gcc47-2014Q1/
>> - http://strawberryperl.com/package/kmx/32_libs/gcc47-2014Q1/
>> I am considering releasing strawberry perl 188.8.131.52 (with new openssl)
>> before the end of April.
>>> On 12.4.2014 20:45, Olivier Mengué wrote:
>>> You have probably heard of the now famous "heartblead" bug of the OpenSSL
>>> StrawberryPerl is bundled with a binary of the OpenSSL library so I'm
>>> wondering if StrawberryPerl is affected by the bug.
>>> I had a look at the release notes of StrawberryPerl to look for the version
>>> number of the OpenSSL and all versions of StrawberryPerl since at least
>>> 184.108.40.206 have an OpenSSL in the range affected by the heartbleed bug.
>>> It would be helpful to have an official statement from the StrawberryPerl
>>> team regarding this issue and to display it prominently on the
>>> StrawberryPerl.com page.
>>> Olivier Mengué