Wladimir J. van der Laan 6e7c4d17d8 gitian: upgrade OpenSSL to 1.0.1h ...

Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.

2014-06-05 17:24:38 +02:00

6.1 KiB

Raw Blame History

View Raw