[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reg: Vulnerability CVE-2014-0160


Le 11/04/14 14:31, Andreas Schneider a écrit :
> Hi,
>> This is regarding the vulnerability CVE-2014-0160 (OpenSSL Heartbleed),
>> we understand that we use openSSL in our implementation.
>>
>> We link -lssl and use libcrypto.so in our compilation and linking,
>> Does this vulnerability has any impact in libssh, Share your thoughts
>> regarding this.
>
Hi Andreas,

Quick though here, maybe we should try to avoid linking with -lssl
because I don't think we use any API from libssl but only libcrypto.

Aris


Follow-Ups:
Re: Reg: Vulnerability CVE-2014-0160Andreas Schneider <asn@xxxxxxxxxxxxxx>
References:
Reg: Vulnerability CVE-2014-0160Aartih <aarthit2014@xxxxxxxxx>
Re: Reg: Vulnerability CVE-2014-0160Andreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org