[openssl-users] CVE-2016-2177

Jakob Bohm jb-openssl at wisemo.com
Tue Aug 16 02:37:40 UTC 2016

Just to clarify for anyone searching the archives in the future:

Is that commit included in release 1.0.1t or not?

(I could probably dig it up myself, but I am not an authoritative
source on the matter, so not good enough for future readers).

On 12/08/2016 21:20, Salz, Rich wrote:
> Commit 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 in 1.0.1
> *From:*Scott Neugroschl [mailto:scott_n at xypro.com]
> *Sent:* Friday, August 12, 2016 3:11 PM
> *To:* openssl-users at openssl.org
> *Subject:* [openssl-users] CVE-2016-2177
> CVE 2016-2177 notes that it applies to all versions up to 1.0.2h.   
> Does this mean that the fix is not applied to the 1.0.1 series (in 
> particular 1.0.1t)?

Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list