logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: New download using openssl 1.1.1q?
Author
jjaimez



Joined: 15 Mar 2022
Posts: 4
Location: USA, Memphis

PostPosted: Tue 19 Jul '22 17:38    Post subject: New download using openssl 1.1.1q? Reply with quote

Will there be an upcoming release for Win64 that is built with OpenSSL 1.1.1q? There is a CVE that is out causing our network scanners to flag this as a vulnerable asset in our company and it requires an updated version for us to correct. Thank you for any info you can share with a timeframe (if available)
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 688

PostPosted: Tue 19 Jul '22 18:27    Post subject: Reply with quote

See : https://www.apachelounge.com/viewtopic.php?t=8926

And : https://www.apachelounge.com/viewtopic.php?t=8925
Back to top
jjaimez



Joined: 15 Mar 2022
Posts: 4
Location: USA, Memphis

PostPosted: Wed 20 Jul '22 15:55    Post subject: Reply with quote

I have seen those posts already and they did not help my situation but thank you for the reply. Do you know if there is a way or method to update the OpenSSL version I currently have running?
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 688

PostPosted: Wed 20 Jul '22 16:23    Post subject: Reply with quote

What problem in your company is solved by using version q ?
Back to top
jjaimez



Joined: 15 Mar 2022
Posts: 4
Location: USA, Memphis

PostPosted: Wed 20 Jul '22 18:10    Post subject: Reply with quote

Our network security scanning unit has detected CVE-2022-2097 against the server I support. It is not 32 bit but I am not sure the company cares about that. It appears they only want the issue resolved. Sorry for the delay in responding.
Back to top
kostya



Joined: 07 Dec 2023
Posts: 8
Location: Israel

PostPosted: Thu 07 Dec '23 16:01    Post subject: httpd-2.4.58-win32-vs17 with latest o1.1.1w Reply with quote

Is there a plan to release an updated build with 01.1.1w?
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3093
Location: Hilversum, NL, EU

PostPosted: Thu 07 Dec '23 16:08    Post subject: Reply with quote

No plans
Back to top
kostya



Joined: 07 Dec 2023
Posts: 8
Location: Israel

PostPosted: Thu 07 Dec '23 16:44    Post subject: Reply with quote

So, the only way to get it is using CMake?
Back to top
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3093
Location: Hilversum, NL, EU

PostPosted: Thu 07 Dec '23 17:36    Post subject: Reply with quote

OpenSSL 1.1.1 series has reached its End of Life (EOL). As such it will no longer receive publicly available security fixes.
Back to top
kostya



Joined: 07 Dec 2023
Posts: 8
Location: Israel

PostPosted: Tue 12 Dec '23 14:23    Post subject: update to latest o1.1.1w Reply with quote

Is there a way to update only the openssl version to latest 1.1.1w manually by changing specific files?
Back to top


Reply to topic   Topic: New download using openssl 1.1.1q? View previous topic :: View next topic
Post new topic   Forum Index -> Apache