2014-04-18 18:54 GMT+04:00 sebb <seb...@gmail.com>: > On 18 April 2014 14:56, Apache Wiki <wikidi...@apache.org> wrote: > >> The "Security/Heartbleed" page has been changed by KonstantinKolinko: > >> https://wiki.apache.org/tomcat/Security/Heartbleed?action=diff&rev1=10&rev2=11 >> + 1. Update OpenSSL to a version that includes the fix. The natural version >> number for this is 1.0.1g, though some package maintainers have chosen to >> back-port their fixes to versions with a lower patch-level. Among such >> maintainers are Debian and probably also Debian-based distributions such as >> Ubuntu.<<BR>><<BR>>Tomcat Native 1.1.30 and later include patched versions >> of OpenSSL.<<BR>><<BR>>To install updated Tomcat Native on Windows without >> updating Tomcat itself you have to >> [[http://tomcat.apache.org/download-native.cgi|download it]] and replace >> `tcnative-1.dll` in your installation with a new one. > > Just wondering - is tcnative-1.dll backwards compatible with all > versions of Tomcat? > i.e. if they have an old version of Tomcat and just replace tcnative > will that work OK? > > Might be worth pointing to a page that describes the version compatibility.
It should be. New methods are added (and used by newer versions of Tomcat) but old ones are not removed. Of course, nobody tested all combinations, and the license applies (no warranty etc.). Best regards, Konstantin Kolinko --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
