elaka / mod-spdy

Automatically exported from code.google.com/p/mod-spdy
0 stars 0 forks source link

Heartbleed fix for static copy of openssl #86

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
I understand mod_spdy incorporates a statically-linked copy of openssl that is 
vulnerable to the heartbleed attack, CVE-2014-0160. http://heartbleed.com/

I don't see any other bug reports about this issue. The static copy of openssl 
should be updated ASAP.

Original issue reported on code.google.com by lukehu...@google.com on 8 Apr 2014 at 11:46

GoogleCodeExporter commented 8 years ago
The static copy has been updated as of mod_spdy 0.9.4.2, which was pushed out 
today.

Original comment by mdste...@google.com on 9 Apr 2014 at 12:02