> if (!openssl_is_patched("CVE-2014-0160”)) { > complain_vociferously(); > } That's an interesting idea. Of course the CVE list would grow, so perhaps arrays of ints are better Int OPENSSL_cve_fixed(int year, int vuln);; ?