On 08/04/14 13:41, Alan DeKok wrote: > Yes. And unfortunately there's no run-time check to say that OpenSSL > has been patched to address the vulnerability. <sigh> And AFAICT no run-time way to disable the extension. Grumble.