10 Apr
2014
10 Apr
'14
9:08 p.m.
Hi, Peter! On Apr 10, Peter Laursen wrote:
What about this http://security.stackexchange.com/questions/55249/what-clients-are-proven-to... 5.5.36 is listed).
And what about the C-API?
MariaDB 5.5.36 is vulnerable when it is built with system OpenSSL and system OpenSSL is vulnerable. Just as any executable, linked with OpenSSL. The fix is to upgrade system OpenSSL. That's why we prefer to link with system dynamic libraries, not with bundled static ones. Regards, Sergei