[erlang-questions] Does Erlang/OTP SSL app have heartbleed vulnerability?

Kenji Rikitake kenji@REDACTED
Tue Apr 8 18:48:27 CEST 2014

++> Ingela Andin <ingela.andin@REDACTED> [2014-04-08 09:38:03 +0200]:
> 2014-04-08 6:37 GMT+02:00 Danil Zagoskin <z@REDACTED>:
> > So, should anyone using SSL in OTP immediately upgrade openssl to fix this
> > bug?
> Well not for the sake of Erlang, but this is probably a good idea anyway.

On Erlang R16B03-1 and coming 17.0, OpenSSL libraries are dynamically linked.
Check the version with crypto:info_lib().

Kenji Rikitake

More information about the erlang-questions mailing list