FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Heartbleed bug?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Heartbleed bug? [message #185547 is a reply to message #185543] Thu, 10 April 2014 16:36 Go to previous messageGo to previous message
Jerry Stuckle is currently offline  Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
Senior Member
On 4/10/2014 8:03 AM, Christoph Michael Becker wrote:
> Jerry Stuckle wrote:
>
>> On 4/10/2014 2:51 AM, Arno Welzel wrote:
>>> Jerry Stuckle, 2014-04-09 19:37:
>>>
>>>> On 4/9/2014 11:43 AM, Christoph Michael Becker wrote:
>>> [...]
>>>> > ACK. However, the Windows x86 builds of PHP 5.5.11 shipped OpenSSL
>>>> > 1.0.1f (6 Jan 2014) and have been updated to ship OpenSSL 1.0.1g (7 Apr
>>>> > 2014) just a few hours ago. (The x64 builds are currently being worked
>>>> > on.) So obviously PHP's OpenSSL extension is affected by the
>>>> > "heartbleed" bug (at least on Windows).
>>>>
>>>> Does it? Or does it mean they just want to keep up with the latest
>>>> release? And if it does affect PHP, what functions does it affect, and
>>>> how does it affect them?
>>>
>>> I assume PHP does keep up with the latest release because they *are*
>>> affected by the bug e.g. in stream_socket_enable_crypto().
>>
>> You can ASS-U-ME all you want. I go by the facts. And if I were
>> concerned about PHP being involved, I would ask the OpenSSL people.
>
> I would rather as k the PHP people, because they know best in which way
> PHP uses OpenSSL. Fortunately, that is not necessary anymore:
>
> <news:li4lve$l1h$1(at)dont-email(dot)me>
>

You can ask PHP people all you want. But if you want a GOOD answer, ask
the people who know the code surrounding the bug.

PHP people don't typically know the insides of OpenSSL, and how it
works. Therefore they don't know what PHP functions may be involved.

And those who think they do know are only showing how little they really
know. But then some people think because they can code PHP they are
experts in EVERYTHING.

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: cURL and response code 302
Next Topic: PHP Parse error: syntax error, unexpected '$sql' (T_VARIABLE) in
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Nov 30 23:38:06 GMT 2024

Total time taken to generate the page: 0.04413 seconds