I use OpenSSL0.9.5a, but the patch doesn't exist about CVE-2006-4339.
So I have some questions for the following reports.

> OpenSSL Security Advisory [5th September 2006]
> http://www.openssl.org/news/secadv_20060905.txt

1. Is there CVE-2006-4339 vulnerability in a version that is older than 0.9.5series?
2. How can I get this patch for 0.9.5a?

Best regards
Kazuaki Utsunomiya

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org