Author Topic: Unpatched CVE in openssl 1.1.1 (Read 3326 times)

andyj · « **Reply #15 on:** December 20, 2023, 10:02:12 AM »

PHP 7.4 and 8.0 don't support openssl 3.2, and they are end of life anyway. PHP 8.1, 8.2, and 8.3 are compiled for openssl 3.2. Are you sure you have the latest versions?

CNK · « **Reply #16 on:** December 24, 2023, 01:58:09 AM »

I'm not trying to nag anyone, but I notice that extension updates keep rolling in, but the ones I've submitted haven't been accepted. I submitted updated links-full.tcz around 2023/12/13 (as well as an extension for xzgv on x86_64). More recently I sent mosh.tcz and sylpheed.tcz rebuilt for OpenSSL 3.2 on 2023/12/22.

The attachments were bcrypted and I haven't seen a rejection message sent back to my email server from Google, as happened before.

Around when I submitted links-full.tcz, I also made an updated dillo.tcz extension for x86_64 and sent a PM to neonix on the 12th of Dec. asking whether I should submit it, or if he would like to build an updated extension using the patch I made to add support for SNI over HTTPS. But I haven't received a response.

Juanito · « **Reply #17 on:** December 24, 2023, 06:33:56 AM »

I’ve been busy/traveling..

CNK · « **Reply #18 on:** December 25, 2023, 12:35:54 AM »

No problem Juanito, and thanks! I'm just paranoid about my emails getting silently rejected/filtered.

Tiny Core Linux

News:

Author Topic: Unpatched CVE in openssl 1.1.1 (Read 3326 times)

andyj

Re: Unpatched CVE in openssl 1.1.1

CNK

Re: Unpatched CVE in openssl 1.1.1

Juanito

Re: Unpatched CVE in openssl 1.1.1

CNK

Re: Unpatched CVE in openssl 1.1.1