httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] Apache 2.2.x and CVE-2012-2333
Date Tue, 25 Dec 2012 14:35:13 GMT
> I do not have deeper knowledge about protocols but I think as follows: DTLS
> means TLS for datagram packets so it means http does not use DTLS, right? On
> the other hand, TLS is affected in OpenSSL 1.0.1 and later which means
> 0.9.8-related version is not affected, right?
>
> Thus, can I imply that OpenSSL 0.9.8t version used with Apache httpd 2.2.22
> is not affected with this vulnerability?

That's how I interpret the CVE as well.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message