Linux distributions as well BSDs and other Unix distributions also typically don't update versions during a release, they only apply bugfixes and security fixes. Apple shipped an old version of Ruby for a very long time, and they generally don't update during a release cycle, only in between releases. Since it is deprecated, newer software (which would possibly rely on newer features) shouldn't use it anyway, and older software which still uses it doesn't use the new features (because they didn't exist) and might even be broken by an update, so why bother?Īs long as the OpenSSL community still maintains the 0.9.8 branch, Apple doesn't even have to do the work of backporting patches. This is an older version of the Pages app, as indicated by the Update banner Another. If the app has an Update banner, that is usually a good indicator that it is an older version of the app. My best guess is that 0.9.8 is the version they did their compatibility testing with, and upgrading to a newer version would require a completely new round of testing for a component that is deprecated anyway. If you arent familiar with Apple products, it can be difficult to fully understand what youre looking at when you see an unusual file extension. That is something you will have to ask Apple. My question is: Why is Apple using an older Version of OpenSSL? Is it because of deprecated functions in Version 1.0 or what is the reason behind it? Visit Archive-It to build and browse the collections. I browsed through the official OpenSSL page, and there I could get Version 1.0.2.Īpple is updating OpenSSL to 0.9.8zg, which is just 2 months old, and only 4 weeks older than 1.0.2d. Archive-It enables you to capture, manage and search collections of digital content without any technical expertise or hosting facilities. With the newest OS X Update ( 10.10.5), Apple is introducing OpenSSL 0.9.8. So, in other words, the version you are later suggesting as an alternative, 1.0.2, was just as vulnerable as 0.9.8 was, and both were fixed at the same time. After you click Install, you’ll see a popup like the one below indicating that there is an older version of. When you locate the app, click the Install button. Keep holding the Shift key until you see the login screen and then release. If you click on the link you posted in your question, you will see that this update patches a number of vulnerabilities which exist identically in OpenSSL 0.9.8, 1.0.0, 1.0.1, and 1.0.2. Having purchased the app, head over to your older iOS device and search for the exact app in the App Store or click on the Purchased icon in the lower navigation bar. Turn on your Mac and immediately press and hold the Shift key. Why is Apple using a vulnerable version of OpenSSL?
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |