CVE-2011-338
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
I am trying to verify if the openssl
env I am working in 0.9.8u is affected or not. I don't beleive it
is because it seems this is NOT a default option that is enabled.
Line from the CVE-2011-338
OpenSSL uses empty fragments as a countermeasure
unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when
OpenSSL is initialized.
My question is where do you add these
'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' initialization options?
Brad
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]