OpenSSL

[Ned Deily]

In article <2628775.Ob0fHhrzob at patux>,
 René J.V. Bertin <rjvbertin at gmail.com> wrote:
> I wonder, how feasible would it be to replace the system OpenSSL with the one 
> from MacPorts? If security updates are pushed this quickly it would make 
> sense for just about any OS X version, but even more so for those of us still 
> running 10.6 ...

Don't even think of that!  First, as you may know, most Apple-supplied 
programs don't use OpenSSL anyway (at least since 10.7 when it was 
officially deprecated).  Second, the Heartbleed bug only applies to 
OpenSSL 1.0.1 through 1.0.1f.  Apple has never shipped a version of 
OpenSSL later than 0.9.8.

-- 
 Ned Deily,
 nad at acm.org