Stanley Laufer wrote:
> Does anyone know if Mod_SSL uses the SSL_get_shared_ciphers()
> function from OpenSSL?
>
> As you may know a buffer overflow has been detected in that
> function in OpenSSL versions prior to 0.9.8d.
>
> I'm trying to find out if Mod_SSL uses the vulnerable function.


I just checked a couple different versions and did not see that
function.
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org