Apache OpenOffice (AOO) Bugzilla – Issue 106876
Update OpenSSL library
Last modified: 2017-05-20 09:23:58 UTC
The currently in OOo used OpenSSL version 0.9.8k is effected by the TLS/SSL renegotiation issue (CVE-2009-3555). The OpenSSL version 0.9.8l fixes this vulnerability. Please update.
Set target milestone OOo 3.2
adding to stopper meta issue
Created attachment 66086 [details] neon patch
I don't think you'll need the above patch to neon for openssl 0.9.8l, I think its only needed for openssl 1.0.0. But just in case you get a link error in neon after upgrading openssl, then the above is the upstream fix for it.
fixed in tkr30
TKR->TM: Please verify on all platforms. To verify: Open a HTTPS connection.
Checked and verified in cws tkr30 -> OK !