Discussion:
OpenSSL
Andrew Ballard
2014-04-09 17:58:00 UTC
Permalink
The version of OpenSSL reported by phpinfo() on our servers (5.3.28,
Windows Fast-cgi) is actually below the versions mentioned in the
recent security bulletin that is getting all the attention. The
bulletin I read said the problem specifically affected only those two
versions, so are we good or do we need to update?

Andrew
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Jan Ehrhardt
2014-04-09 22:49:34 UTC
Permalink
Post by Andrew Ballard
The version of OpenSSL reported by phpinfo() on our servers (5.3.28,
Windows Fast-cgi) is actually below the versions mentioned in the
recent security bulletin that is getting all the attention. The
bulletin I read said the problem specifically affected only those two
versions, so are we good or do we need to update?
Systems with OpenSSL 0.9.x are not affected.

Jan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Andrew Ballard
2014-04-10 02:33:02 UTC
Permalink
That was how I was reading the announcement, but I wanted to be sure. Thanks.

Andrew
Post by Jan Ehrhardt
Post by Andrew Ballard
The version of OpenSSL reported by phpinfo() on our servers (5.3.28,
Windows Fast-cgi) is actually below the versions mentioned in the
recent security bulletin that is getting all the attention. The
bulletin I read said the problem specifically affected only those two
versions, so are we good or do we need to update?
Systems with OpenSSL 0.9.x are not affected.
Jan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Continue reading on narkive:
Loading...