On Wed, Apr 16, 2014 at 9:08 PM, Dev Kumkar <devdas.kum...@gmail.com> wrote:
> On Wed, Apr 16, 2014 at 7:50 PM, Stephen Frost <sfr...@snowman.net> wrote: > >> * Dev Kumkar (devdas.kum...@gmail.com) wrote: >> > I just downloaded the latest binaries from EnterpriseDB and when checked >> > with libssl.so.1.0.0 can see this: >> > OpenSSL 1.0.1g 7 Apr 2014 >> > >> > OpenSSL 1.0.1g is the patched version. >> >> Yes, checked w/ them and they say it's all patched.. >> >> > Awaiting confirmation and also please let know if there is certain NOTE >> or >> > link which talks about this fix from EnterpriseDB side. >> >> There's a note on the 'installers' page here: >> http://www.enterprisedb.com/products-services-training/pgdownload >> >> I believe they're going to add a note to the other page too. >> >> Thanks, >> >> Stephen >> > > Thanks for the confirmation. Yup checked the NOTE on 'installers' page and > a note on binary page will really help. > > Regards... > Hello Guys, For postgreSQL, is there any OpenSSL fix coming up for this issue: http://www.zdnet.com/openssl-fixes-another-severe-vulnerability-7000030253/ Currently in PostgreSQL 9.4.3 the version is as follows: OpenSSL 1.0.1g 7 Apr 2014 As per the above link, fixed OpenSSL version would be 1.0.1h Looking forward for some comments here. Regards...
