CVE-2014- and OpenSSL?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: CVE-2014- and OpenSSL?
From: rsalz@xxxxxxxxxx (Salz, Rich)
Date: Tue, 9 Dec 2014 14:52:16 -0500
In-reply-to: <29708C6ADBFC724F9F92546A0AE135AC334FA5D6@G4W3229.americas.hpqcorp.net>
References: <CAC1DtR=bjDOs+b8FiYqY8uF3hkrAriexkGmm7QcKtmB7t4awMg@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D54B7BEB3@USMBX1.msg.corp.akamai.com> <29708C6ADBFC724F9F92546A0AE135AC334FA5D6@G4W3229.americas.hpqcorp.net>

> Does this mean that openssl is not vulnerable to this issue even if TLS 1.0/TLS 1.1 are enabled?
> Are all versions of openssl (0.9.8* and 1.0.1*) free from impact?

OpenSSL does not have this defect.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

References:
- CVE-2014- and OpenSSL?
  - From: Amarendra Godbole
- CVE-2014- and OpenSSL?
  - From: Salz, Rich
- CVE-2014- and OpenSSL?
  - From: Mitra, Rituparna (STSD)

Prev by Date: Help with using a dynamic engine with SSL_CTX
Next by Date: Freeze to mailing list memberships
Previous by thread: CVE-2014- and OpenSSL?
Next by thread: CVE-2014- and OpenSSL?
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux