Am 08.04.2014 um 23:08 schrieb Keith Keller <kkeller at wombat.san-francisco.ca.us>: > On 2014-04-08, Robert Arkiletian <robark at gmail.com> wrote: >> >> if you include libcrypto in the grep then sshd is affected. > > That's unfortunate. :( Is the bug in libssl, libcrypto, or both? looking inside - its seems that this issue (cve-2014-0160) is resolved in ssl/d1_both.c and ssl/t1_lib.c and not in files under crypto/ ... to say more i have to take a look into the build process. -- LF