Kyle Hamilton wrote:
> First: This is something to go to openssl-users, not openssl-dev.
> (You are attempting to use the library, not develop inside the
> library.)
>
> Next: Why on earth are you using such an outdated version? The
> supported versions are 0.9.7m and 0.9.8g. 0.9.2b is from 1999, and
> there have been 8 years of continued development on them.
There are products in production networks now that have old
version of OpenSSL. Vendors typically react poorly, in my experience,
to suggestions they should update to, oh, say, the most recent
version as recommended by the OpenSSL team ;-)
So, yeah, this was off-topic, but unfortunately you should not
assume this person is running an old system - they could have
received 0.9.2b from some vendor just recently.
Apparently it hasn't occured to some vendors that the vulnerabilities
the OpenSSL team repair might actually affect real products in the
field. And THAT is a development issue.
______________________________________________________________________
OpenSSL Project
http://www.openssl.orgDevelopment Mailing List
openssl-dev@...
Automated List Manager
majordomo@...
