tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Arlo White <awh...@calpoly.edu>
Subject Re: Does the HeartBleed vulnerability affect Apache Tomcat servers using Tomcat Native?
Date Tue, 08 Apr 2014 23:36:16 GMT
After updating OpenSSL I simply restarted Tomcat to eliminate the 
vulnerability. (Checked http://filippo.io/Heartbleed before and after)
I built APR and Tomcat Native from source on the server, so I assume 
it's doing dynamic library loading.

Is the binary build staticly linked? Otherwise, I'm not sure it's 
necessary to redo the builds.

On 04/08/2014 03:30 PM, Jeffrey Janner wrote:
>> -----Original Message-----
>> From: Jeffrey Janner [mailto:Jeffrey.Janner@PolyDyne.com]
>> Sent: Tuesday, April 08, 2014 5:14 PM
>> To: 'Tomcat Users List'
>> Subject: RE: Does the HeartBleed vulnerability affect Apache Tomcat
>> servers using Tomcat Native?
>>
>> Ognjen,
>> Has anyone entered a bugzilla request for this one?
>> Jeff
>>
> Answering myself:
> https://issues.apache.org/bugzilla/show_bug.cgi?id=56363
> Might I suggest folks please go vote this one up big time!
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message