Skip Menu |
 

This queue is for tickets about the Perl-Dist-Strawberry CPAN distribution.

Report information
The Basics
Id: 94531
Status: resolved
Priority: 0/
Queue: Perl-Dist-Strawberry

People
Owner: Nobody in particular
Requestors: dolmen [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: (no value)
Fixed in: (no value)



Subject: security: OpenSSL heartbleed bug
Download (untitled) / with headers
text/plain 411b
According to the release notes, all StrawberryPerl releases since at least 5.16.0.1 use OpenSSL 1.0.1c to 1.0.1e. Those versions are vulnerable to the « OpenSSL heartbleed bug » which is a major security issue as it may reveal internal OpenSSL state (such as keys) to the other party. http://heartbleed.com/ https://www.openssl.org/news/secadv_20140407.txt -- Olivier Mengué - http://perlresume.org/DOLMEN
Subject: Re: [rt.cpan.org #94531] security: OpenSSL heartbleed bug
Date: Tue, 08 Apr 2014 11:06:29 +0200
To: bug-Perl-Dist-Strawberry [...] rt.cpan.org
From: kmx <kmx [...] volny.cz>
Thanks for your report, I'll upgrade openssl to 1.0.1g -- kmx


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.