On Thu, Jun 12, 2014, Karthik R wrote: > Does the recent vulnerability exposed in openSSL - CVE-2014-0224 and > CVE-2014-0221 affect openssl-fips-2.0.5 ? > > If Yes, How do I get fips compliant openSSL? >
If you mean the FIPS module then no. The FIPS module does not contain any TLS or DTLS code so you just use the validated module against OpenSSL 1.0.1h to produce a FIPS capable OpenSSL. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
