> I do not have deeper knowledge about protocols but I think as follows: DTLS > means TLS for datagram packets so it means http does not use DTLS, right? On > the other hand, TLS is affected in OpenSSL 1.0.1 and later which means > 0.9.8-related version is not affected, right? > > Thus, can I imply that OpenSSL 0.9.8t version used with Apache httpd 2.2.22 > is not affected with this vulnerability? That's how I interpret the CVE as well. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|