On 04/15/2014 11:33 AM, Dotzero wrote: > If they were bundled with out of date libs then they were most likely > on 0.9.8(probably e) and not vulnerable. I'm just saying. It's folks > who were more current that were more likely to be vulnerable to this > particular issue. I can't say much about OSX but what I've seen in > checking is that many apps are simply using whatever OpenSSL is on the > OS.
Kerio Connect bundled in OpenSSL 1.0.1 instead of using the OSX copy. -- Mike Iglesias Email: igles...@uci.edu University of California, Irvine phone: 949-824-6926 Office of Information Technology FAX: 949-824-2270 _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
