On 08/01/2016 18:43, Salz, Rich wrote: > Are you going to keep posting and posting until you get a response? :( > > Master branch, 1.1, is not released but will not be vulnerable (may already be fixed) > 1.0.2 is not vulnerable. > 1.0.1f and later are not vulnerable. > 1.0.0 might be, and is end of life anyway so you should move of that. > 0.9.8 is also end of life, but does not do TLS 1.2 so is not vulnerable. If you read the description of SLOTH (linked in the OP), you will see that it is not limited to TLS 1.2 and probably affects the TLS/SSL versions implemented by older (end of life) OpenSSL versions such as 0.9.8. Basically, it is a laundry list of ways that backward compatible hash uses in the SSL/TLS protocols are weaker than some people assume. Their summary list doesn't even consider the possibility that some people still need to use TLS 1.1 or older, so barely mentions those. This also means that completely protecting an implementation against SLOTH is not possible without breaking interoperability with implementations that are not or cannot be updated to the latest protocol versions and features (This happens to include some widely deployed embedded operating systems). Now it so happens that SLOTH also includes an attack on implementation bugs that can be tricked into using/accepting MD5-based signatures when they shouldn't. That *particular* aspect of SLOTH was apparently fixed in 1.0.1f and 1.0.2. The entire discussion would have been easier if the SLOTH team at INRIA had given specific names and CVE ids for each of the issues in their report, such that one might say "SLOTH-1: Never vulnerable, SLOTH-2: Fixed in 1.0.1f, SLOTH-3: hypothetical for now, can be fixed with a cipher string setting, etc. etc." But no such names exist. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160111/c2938986/attachment.html>
