What about this http://security.stackexchange.com/questions/55249/what-clients-are-proven-to... 5.5.36 is listed). And what about the C-API? -- Peter On Wed, Apr 9, 2014 at 3:31 PM, Peter Laursen <peter_laursen@webyog.com>wrote:
I think at least on Windows OpenSSL is statically linked? If so, all available versions have an afftected OpenSLL inside.
-- Peter
On Wed, Apr 9, 2014 at 3:25 PM, Reindl Harald <h.reindl@thelounge.net>wrote:
Am 09.04.2014 15:21, schrieb Peter Laursen:
A far as I understand MariaDB uses OpenSSL (unlike Oracle-MySQL that uses YaSSL).
Now what about the heartbleed bug: http://heartbleed.com/
Will all still suported MariaDB versions (5.1, 5.2, 5.3, 5.5 and 10.0 are all still suported I think?) need a release for this bug in OpenSSL?
why should they?
update openssl and restart all daemons which are linking the library and consider replace your certificates / private keys if a service using openssl was reachable from the internet
that's the idea behind shared libraries
_______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : maria-discuss@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp