http://www.openssl.org/news/secadv_20140407.txt

Hi Tomcat Devs,

I have been on the dev list for a few years, and a tomcat developer longer
than that.  While I haven't contributed yet, I was curious if this cve
needs a contribution.  As far as I can tell, if you recompile your native
libs with the unaffected version of SSL, you will not be vulnerable to this
CVE.

Is that assumption correct or does there need to be a change to tcnative?

-- 
With Regards,
Andrew Carr

e. andrewlanec...@gmail.com
w. andrew.c...@openlogic.com
h. 4235255668
c. 4239489852
a. 101 Francis Drive, Greeneville, TN, 37743

Reply via email to