Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id AA467D867 for ; Tue, 25 Dec 2012 14:35:44 +0000 (UTC) Received: (qmail 42931 invoked by uid 500); 25 Dec 2012 14:35:41 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 42907 invoked by uid 500); 25 Dec 2012 14:35:41 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 42887 invoked by uid 99); 25 Dec 2012 14:35:41 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Dec 2012 14:35:41 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of covener@gmail.com designates 209.85.210.171 as permitted sender) Received: from [209.85.210.171] (HELO mail-ia0-f171.google.com) (209.85.210.171) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 25 Dec 2012 14:35:34 +0000 Received: by mail-ia0-f171.google.com with SMTP id k27so6520687iad.2 for ; Tue, 25 Dec 2012 06:35:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=KBnaEDmKMdLSlojA14TOjV+MkM1YbgcDbkDSubK75zk=; b=vLItzulPuNc/YYIQNZ1I50LfvTZ+r6N7K/gyVQlyy8Dxw5Tk7zRSNSH97tFTh2XgvY akTXvzIjIxDlKubjpXYSsJeQQQ4dz3pk2STsWTBd+t7fS/RGpM1I9Hh9RWGoN0FREdir ft58BjLFgFAt2pSix9q1vfiC0dUwe5Te3CHxI8LqBJe2+r0lmb9bY8PWPPfdwnPcVe4p UlFH/KOA3UPilaFZ2BB4BIlSKBo1EmxZ7zo12S8O2uX5MoMLWMKdUQhtCwLwC6NxjTy8 nH+NX1Vp61CYogqNVmcYw10oCVfVJF7GLgSDEx+8YtWAp6Jn4mwsV+aptcrAFl+2A66x fX0Q== MIME-Version: 1.0 Received: by 10.42.46.141 with SMTP id k13mr19147429icf.46.1356446114037; Tue, 25 Dec 2012 06:35:14 -0800 (PST) Received: by 10.42.122.76 with HTTP; Tue, 25 Dec 2012 06:35:13 -0800 (PST) In-Reply-To: <1355995994.7815.YahooMailNeo@web163403.mail.gq1.yahoo.com> References: <1355995994.7815.YahooMailNeo@web163403.mail.gq1.yahoo.com> Date: Tue, 25 Dec 2012 09:35:13 -0500 Message-ID: From: Eric Covener To: users@httpd.apache.org, Gorkem Durgut Content-Type: text/plain; charset=ISO-8859-1 X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] Apache 2.2.x and CVE-2012-2333 > I do not have deeper knowledge about protocols but I think as follows: DTLS > means TLS for datagram packets so it means http does not use DTLS, right? On > the other hand, TLS is affected in OpenSSL 1.0.1 and later which means > 0.9.8-related version is not affected, right? > > Thus, can I imply that OpenSSL 0.9.8t version used with Apache httpd 2.2.22 > is not affected with this vulnerability? That's how I interpret the CVE as well. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org