Hello, I noticed the announcement of some vulnerabilities in OpenSSL: CVE-2009-0590, CVE-2009-0591 and CVE-2009-0789. Solution would be to upgrade to 0.9.8k. But I'm using the binary distribution of Apache (2.0.63 with OpenSSL 0.9.7m) and there is no newer one available. I don't want to switch to Apache 2.2. Is there a version of Apache planned together with a fix version of OpenSSL ? Best Regards -- Alfred Boehme Manager Development FTS TSP x86 E SW 4 Fujitsu Technology Solutions GmbH Otto-Hahn-Ring 6 81730 Munich Germany Telephone: +49 89 636 43013 Telefax: +49 89 636 41215 email: mailto:Alfred.Boehme@xxxxxxxxxxxxxx Internet: http://ts.fujitsu.com Company Details: http://ts.fujitsu.com/imprint.html --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|