OpenSSL: 1.0.1g 7 Apr 2014 does not include the fixes in: http://www.openssl.org/news/secadv_20140605.txt https://www.openssl.org/news/secadv_20140806.txt https://www.openssl.org/news/secadv_20141015.txt https://www.openssl.org/news/secadv_20150108.txt — Debian EGLIBC 2.17-93 — NTP: 4.2.6.p5+dfsg-2 fixed version: 4.2.6.p5+dfsg-2+deb7u1 https://lists.debian.org/debian-security-announce/2014/msg00298.html
Hello d-fens,
We have passed this along to support.
1 Like
If you need latest openssl - you can use My software repo for fw v4+ (Openssl 1.0.1k available in Sid branch)
1 Like
