Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the Perl-Dist-Strawberry CPAN distribution.

Report information
The Basics
Id:
94531
Status:
resolved
Priority:
Low/Low

People
Owner:
Nobody in particular
Requestors:
dolmen [...] cpan.org
Cc:
AdminCc:

BugTracker
Severity:
Critical
Broken in:
(no value)
Fixed in:
(no value)



Subject: security: OpenSSL heartbleed bug
According to the release notes, all StrawberryPerl releases since at least 5.16.0.1 use OpenSSL 1.0.1c to 1.0.1e. Those versions are vulnerable to the « OpenSSL heartbleed bug » which is a major security issue as it may reveal internal OpenSSL state (such as keys) to the other party. http://heartbleed.com/ https://www.openssl.org/news/secadv_20140407.txt -- Olivier Mengué - http://perlresume.org/DOLMEN
Subject: Re: [rt.cpan.org #94531] security: OpenSSL heartbleed bug
Date: Tue, 08 Apr 2014 11:06:29 +0200
To: bug-Perl-Dist-Strawberry@rt.cpan.org
From: kmx <kmx@volny.cz>
Thanks for your report, I'll upgrade openssl to 1.0.1g -- kmx


This service runs on Request Tracker, is sponsored by The Perl Foundation, and maintained by Best Practical Solutions.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.