Skip Menu |

This queue is for tickets about the Perl-Dist-Strawberry CPAN distribution.

Report information
The Basics
Id: 97606
Status: resolved
Priority: 0/
Queue: Perl-Dist-Strawberry
People
Owner: Nobody in particular
Requestors: rmstudni-five [...] yahoo.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Tue Jul 29 16:03:52 2014 rmstudni-five [...] yahoo.com - Ticket created
Subject: Strawberry PERL distribution with OpenSSL non-vulnerable version available?
Date: Tue, 29 Jul 2014 13:00:57 -0700
To: "bug-Perl-Dist-Strawberry [...] rt.cpan.org" <bug-Perl-Dist-Strawberry [...] rt.cpan.org>
From: "rmstudni-five [...] yahoo.com" <rmstudni-five [...] yahoo.com>
Hi - Help needed.  I am working to remove vulnerabilities related to CVE-2014-0224which is detailed in http://www.openssl.org/news/secadv_20140605.txt from OpenSSL.   To be compliant OpenSSL must be at 1.0.1h, 1.0.0m or 0.9.8za.  Is there going to be a more current version with the updated OpenSSL capabilities included and if so, what is the time frame for the update?   Rhonda Studnick Kaiser

Message body is not shown because it is too large.

  Tue Jul 29 16:18:29 2014 kmx [...] cpan.org - Correspondence added
Subject: Re: [rt.cpan.org #97606] Strawberry PERL distribution with OpenSSL non-vulnerable version available?
Date: Tue, 29 Jul 2014 22:18:15 +0200
To: bug-Perl-Dist-Strawberry [...] rt.cpan.org
From: Karel Miko <kmx [...] cpan.org>
The next strawberry perl release is scheduled for August (approx. a week after perl 5.20.1 is released). It will contain openssl-1.0.1h - the packages are already available at: http://strawberryperl.com/package/kmx/64_libs/gcc48-2014Q3/64bit_openssl-1.0.1h-bin_20140728.zip http://strawberryperl.com/package/kmx/32_libs/gcc48-2014Q3/32bit_openssl-1.0.1h-bin_20140728.zip -- kmx
  Tue Jul 29 16:18:29 2014 The RT System itself - Status changed from 'new' to 'open'
  Tue Jul 29 16:50:01 2014 rmstudni-five [...] yahoo.com - Correspondence added
Subject: Re: [rt.cpan.org #97606] Strawberry PERL distribution with OpenSSL non-vulnerable version available?
Date: Tue, 29 Jul 2014 13:49:51 -0700
To: "bug-Perl-Dist-Strawberry [...] rt.cpan.org" <bug-Perl-Dist-Strawberry [...] rt.cpan.org>
From: "rmstudni-five [...] yahoo.com" <rmstudni-five [...] yahoo.com>
Terrific news - thanks much!   Rhonda Studnick Kaiser On Tuesday, July 29, 2014 1:18 PM, kmx via RT <bug-Perl-Dist-Strawberry@rt.cpan.org> wrote: <URL: https://rt.cpan.org/Ticket/Display.html?id=97606 > The next strawberry perl release is scheduled for August (approx. a week after perl 5.20.1 is released). It will contain openssl-1.0.1h - the packages are already available at: http://strawberryperl.com/package/kmx/64_libs/gcc48-2014Q3/64bit_openssl-1.0.1h-bin_20140728.zip http://strawberryperl.com/package/kmx/32_libs/gcc48-2014Q3/32bit_openssl-1.0.1h-bin_20140728.zip -- kmx
  Wed Sep 17 10:50:50 2014 kmx [...] cpan.org - Status changed from 'open' to 'resolved'