On 04/10/2014 11:36 AM, Jason Todd wrote: > One other quick question. Is it possible to use the fipscanister from > 1.0.1c with 1.0.1g and maintain compliance? Assuming that even compiles
fipscanister is not "from" 1.0.1 anything; it is from the OpenSSL FIPS Object Module 2.0, i.e. one of the openssl-fips-2.0.N.tar.gz distributions. The FIPS module is unaffected by the heartbeat bug. So yes, can can and should upgrade to a "FIPS capable" 1.0.1g. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com marqu...@openssl.com gpg/pgp key: http://openssl.com/docs/0xCE69424E.asc ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
