OT: OpenSSL 1.0.1f

Lukas Tribus luky-37 at hotmail.com
Mon Jan 6 22:04:58 UTC 2014


> It does not look like 1.0.1f changed the default behavior of
> ENGINE_rdrand (coderman's been following it).

Yes it did, rdrand is no longer enabled by default. Here [1] is
the backport in the OpenSSL_1_0_1-stable head [2].

At least Debian [3] and Ubuntu backported this as well.



[1] http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1c2c5e402a757a63d690bd2390bd6b8b491ef184
[2] http://git.openssl.org/gitweb/?p=openssl.git;a=shortlog;h=refs/heads/OpenSSL_1_0_1-stable
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732710 		 	   		  

More information about the nginx mailing list