On Mon, Oct 13, 2008 at 11:38:54PM -0700, joshi chandra wrote: > > Hi All, > > I am using openssl 9.8h and i have found Compression Memory Leak Remote > Denial of Service Vulnerability in it. The vulnerability info can be found > in the following link http://www.securityfocus.com/bid/31692/info. > > Is there any patches i can apply on openssl 0.9.8h
It looks like this is not an OpenSSL bug, rather it looks like a bug in Apache's mod_ssl: http://marc.info/?l=openssl-dev&m=121066351112305&w=2 There is no fix in 0.9.8i, as none was required. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
