Hi >From the openssl website, it mentioned that >CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> >affected version of Openssl prior to April 2015. We used openssl 0.98zf in our old product which was released several years ago.
Do you know if CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> affected version 0.9.8zf? We want to get this info to plan our work. Thanks Lily CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> (OpenSSL advisory) <https://www.openssl.org/news/secadv/20160503.txt> [High severity] 3rd May 2016: [https://www.openssl.org/img/up.gif] <https://www.openssl.org/news/vulnerabilities.html#toc> This issue affected versions of OpenSSL prior to April 2015. CVE-2016-2108<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2108> (OpenSSL advisory) <https://www.openssl.org/news/secadv/20160503.txt> [High severity] 3rd May 2016: [https://www.openssl.org/img/up.gif] <https://www.openssl.org/news/vulnerabilities.html#toc> * Fixed in OpenSSL 1.0.1o (Affected 1.0.1n, 1.0.1m, 1.0.1l, 1.0.1k, 1.0.1j, 1.0.1i, 1.0.1h, 1.0.1g, 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1) * Fixed in OpenSSL 1.0.2c (Affected 1.0.2b, 1.0.2a, 1.0.2)
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
