Patch for Correct fix for CVE-2013-0169 for openssl-.0.9.8y
I'm currenty working with openssl-0.9.8.y. As we can see in the changelog in the official openssl page there is a correct fix concerning the CVE-2013-0169 which is only available at version openssl-1.0.1.e.
My question is when do you plan to included this change at the series 0.9.8??
Is there already prepared patch for 0.9.8y for this issue? If yes where I could download it?
Is it possible to overcome this problem without update to 1.0.1.e?
Also does this issue can lead to "BAD_CLIENT_HANDSHAKE" and dropped valid SSL connections??