I know the stable version 1.5.1 is released before the vulnerability CVE-2023-0286 is discovered. But my company requests us to have no high risk vulnerability included in the app.
Just change the OpenSSL version to v1.1.1t should be able to solve this problem, but I can only get a binary version of this library, is it any way to build my own version? I cannot find any source code in this repository. Can anyone give me a guide so I can build my own one with only OpenSSL version changed.
Or if the unstable 2.x are compatible to the 1.5.1, I can also try them.
I know the stable version 1.5.1 is released before the vulnerability CVE-2023-0286 is discovered. But my company requests us to have no high risk vulnerability included in the app.
Just change the OpenSSL version to v1.1.1t should be able to solve this problem, but I can only get a binary version of this library, is it any way to build my own version? I cannot find any source code in this repository. Can anyone give me a guide so I can build my own one with only OpenSSL version changed.
Or if the unstable 2.x are compatible to the 1.5.1, I can also try them.