On Tue, Apr 8, 2014, at 12:17 AM, Roger Dingledine wrote: > A new OpenSSL vulnerability on 1.0.1 through 1.0.1f is out today, > which can be used to reveal up to 64kB of memory to a connected client > or server. > > https://blog.torproject.org/blog/openssl-bug-cve-2014-0160 > > The short version is: upgrade your openssl (unless you're running an > old one), and also more packages coming soon. > > --Roger
So this is the openssl *binary*, the version of which is found by typing openssl version not some library used when compiling Tor? If the latter, how do we find the version? GD -- http://www.fastmail.fm - Access all of your messages and folders wherever you are -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
