[openssl-users] regarding the vulnerability CVE-2015-1788

Jaya Nageswar jaya.nageswar at gmail.com
Thu Jul 2 12:28:18 UTC 2015

Dear openssl users,

I have a question regarding the vulnerability CVE-2015-1788.

At http://openssl.org/news/secadv_20150611.txt, I would like to get the
clarification on the follwing statement.

This issue affects OpenSSL versions: 1.0.2 and 1.0.1. Recent 1.0.0 and
0.9.8 versions are not affected. 1.0.0d and 0.9.8r and below are affected.

I would like to know in which version of 0.9.8, this vulnerability is
fixed. I do not find the code changes related to this in 0.9.8zg that are
committed for 1.0.1n(
for fixing the same. Is the fix different for 0.9.8 and 1.0.1 versions.
Please help me.

-Jaya Nageswar.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150702/f0c41ec7/attachment.html>

More information about the openssl-users mailing list