Text only | Text with Images

The Apache Haus Forum

Forum Topics => News & General Discussion => Topic started by: Gregg on April 20, 2012, 08:56:43 AM

Title: OpenSSL 0.9.8 & 1.0.1a updates available for Apache 2.2.22 & 2.4.2
Post by: Gregg on April 20, 2012, 08:56:43 AM
A potentially exploitable buffer-overrun vulnerability has been discovered in OpenSSL 0.9.8u, 1.0.0h, 0.9.8u and prior versions.
Get your OpenSSL 0.9.8v or 1.0.1a updates for Apache 2.2.22 & 2.4.2 on our download page (http://www.apachehaus.com/cgi-bin/download.plx).

Title: Re: OpenSSL 0.9.8 & 1.0.1a updates available for Apache 2.2.22 & 2.4.2
Post by: Gregg on April 25, 2012, 12:42:37 AM
It looks like the fix for CVE-2012-2110 was not sufficient to correct the ASN1 BIO vulnerability issue for OpenSSL version 0.9.8  oo OpenSSL 0.9.8w source has been released by them. I'll try to have new OpenSSL 0.9.8w updates in the next 24 hours.
Text only | Text with Images