Inquiry regarding support for OpenSSL 1.0.2i

jhernandez
September 28, 2016 05:38AM
Hello,

We've recently received a notification regarding a vulnerability in
OpenSSL:
OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
This is fixed in OpenSSL v1.0.2i

We're running an Nginx proxy server on Windows 2012 R2 and are currently
using Nginx 1.9.9 with OpenSSL 1.0.2e.
We do plan to upgrade to the latest stable nginx-1.10.1, but it seems
this version for Windows was compiled with OpenSSL 1.0.2*h*.

Any idea when a new stable or mainline version will come out with
OpenSSL 1.0.2i support?
Alternatively, we're also looking to build a custom 1.10.1 with the
OpenSSL 1.0.2i library with the instructions here:
http://nginx.org/en/docs/howto_build_on_win32.html
But we're not sure if 1.10.1 would support OpenSSL 1.0.2i. Has anyone
tried this approach before?

Thanks!
-Patrick Hernandez
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx