Re: The SWEET32 Issue, CVE-2016-2183 on Openssl package.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Hi All,

 Please respond to my below query. 

Currently we are using  openssl_1_0_2r version and we ran the Nessus tool on  this openssl version  code found The SWEET32  (https://www.openssl.org/blog/blog/2016/08/24/sweet32/) Issue.  So to resolve that issue  I am trying to disable the ‘3des’  ciphers  or to
use only HIGH ciphers instead.  Can you please providing  some inputs for making openssl package to use only   HIGH ciphers or  let me know how to disable ‘3des’ cipher in openssl ( I   already tried by keeping “no-3des” but it doesn’t work).

Thanks & Regards
kalyan



 

On Thu, 4 Jul 2019 at 15:06, Matt Caswell <matt@xxxxxxxxxxx> wrote:


On 04/07/2019 05:36, bhyri kalyan wrote:
> Hi Team,
>
> I already subscribed to mailing list still getting this notice.so can you please
> respond to my below query.

I couldn't see your name in the subscriber list, so it looks like your
subscription request did not work for some reason. Anyway I have manually
subscribed you now.

Please resend your email to openssl-users@xxxxxxxxxxx, and hopefully it should
go through this time.

Matt


>
> Thanks,
> kalyan
>
>
> On Thu, 4 Jul 2019 at 09:22, <openssl-users-owner@xxxxxxxxxxx
> <mailto:openssl-users-owner@xxxxxxxxxxx>> wrote:
>
>     In order to post a message to this mailing list, you must be
>     subscribed to it.
>
>     Please visit https://mta.openssl.org/mailman/listinfo to join any
>     openssl mailing lists.
>
>     If you are subscribed, but still get this notice, you can send email
>     to openssl-users-owner@xxxxxxxxxxx <mailto:openssl-users-owner@xxxxxxxxxxx>.
>
>
>
>
>     ---------- Forwarded message ----------
>     From: bhyri kalyan <bhyri.k@xxxxxxxxx <mailto:bhyri.k@xxxxxxxxx>>
>     To: openssl-users@xxxxxxxxxxx <mailto:openssl-users@xxxxxxxxxxx>
>     Cc: 
>     Bcc: 
>     Date: Thu, 4 Jul 2019 09:21:53 +0530
>     Subject: The SWEET32 Issue, CVE-2016-2183 on Openssl package.
>
>     Hi All,
>
>
>     Currently we are using  openssl_1_0_2r version and we ran the Nessus tool on
>     this openssl version  code found The SWEET32
>     <https://www.openssl.org/blog/blog/2016/08/24/sweet32/> Issue.
>
>     So to resolve that issue  I am trying to disable the ‘3des’  ciphers  or to
>     use only HIGH ciphers instead.
>
>     Can you please providing  some inputs for making openssl package to use only
>     HIGH ciphers or  let me know how to disable ‘3des’ cipher in openssl ( I
>     already tried by keeping “no-3des” but it doesn’t work).
>
>
>     Thanks,
>
>     kalyan
>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux