Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] Security audit for Eclipse Mosquitto

> > they would like to know what to do when a new OpenSSL CVE is reported
> > publicly:

OpenSSL is linked dynamically, so installing an updated version is
sufficient. That means going from e.g. 1.1.1x to 1.1.1y, not from
1.1.1x to 3.0.0.

Regards,

Roger


Back to the top