Stanley Laufer wrote:
> Does anyone know if Mod_SSL uses the SSL_get_shared_ciphers()
> function from OpenSSL?
> As you may know a buffer overflow has been detected in that
> function in OpenSSL versions prior to 0.9.8d.
> I'm trying to find out if Mod_SSL uses the vulnerable function.

I just checked a couple different versions and did not see that
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl)
User Support Mailing List
Automated List Manager