Just to clarify for anyone searching the archives in the future: Is that commit included in release 1.0.1t or not? (I could probably dig it up myself, but I am not an authoritative source on the matter, so not good enough for future readers). On 12/08/2016 21:20, Salz, Rich wrote: > > Commit 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 in 1.0.1 > > *From:*Scott Neugroschl [mailto:scott_n at xypro.com] > *Sent:* Friday, August 12, 2016 3:11 PM > *To:* openssl-users at openssl.org > *Subject:* [openssl-users] CVE-2016-2177 > > CVE 2016-2177 notes that it applies to all versions up to 1.0.2h. > Does this mean that the fix is not applied to the 1.0.1 series (in > particular 1.0.1t)? > Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded