Does anyone know if Mod_SSL uses the SSL_get_shared_ciphers()
function from OpenSSL?

As you may know a buffer overflow has been detected in that
function in OpenSSL versions prior to 0.9.8d.

I'm trying to find out if Mod_SSL uses the vulnerable function.

Thanks in advance.



Stanley E. Laufer
Network Administrator
School of Library and Information Science
San Jose State University

__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org