[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and Openssl bug CVE-2014-0160

On Tue, Apr 8, 2014, at 12:17 AM, Roger Dingledine wrote:
> A new OpenSSL vulnerability on 1.0.1 through 1.0.1f is out today,
> which can be used to reveal up to 64kB of memory to a connected client
> or server.
> https://blog.torproject.org/blog/openssl-bug-cve-2014-0160
> The short version is: upgrade your openssl (unless you're running an
> old one), and also more packages coming soon.
> --Roger

So this is the openssl *binary*, the version of which is found by typing
 openssl version
not some library used when compiling Tor?
 If the latter, how do we find the version?

http://www.fastmail.fm - Access all of your messages and folders
                          wherever you are

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to