Archived
This forum has been archived. Please start a new discussion on GitHub.
Rebuild for new OpenSSL vulnerability
With regard to the latest OpenSSL vulnerabilities, fixed with OpenSSL 1.0.1h, will the ThirdPartySources be updated and the ZeroC binary packages be updated to resolve the currently present security bugs? Is there an ETA for this?
Does ZeroC proactively track security issues in its dependent packages?
Kind regards,
Roger Leigh
Does ZeroC proactively track security issues in its dependent packages?
Kind regards,
Roger Leigh
0
Comments
-
We will shortly updates the Windows installers and the third party source packages, after we test there isn't any compatibility issues. For Linux and OS X where we use the system OpenSSL libraries you will need to wait until the distributions provide the updates.0
-
Hi Roger,
Ice distributions that include the latest openssl-1.0.1h are available in our download page, see the announcement for details.0 -
Re: Rebuild for new OpenSSL vulnerability
Sorry for not replying sooner, but I just wanted to say thank you for making the rebuilt third party sources available so quickly. We were able to rebuild all our dependent packages shortly afterward.
Thanks again,
Roger0