Search squid archive

Re: Squid - impact of TLS/SSL vulnerability?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Nov 18, 2009 at 10:25 PM, The Psycho Chicken
<psychochicken@xxxxxxxxxxxxxxxxxxxx> wrote:
> Hi,
>
> Has anyone looked at the impact of the recent TLS/SSL vulnerability
> (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) on Squid? If
> you're using Squid as a HTTPS reverse proxy then it has SSL exposed to the
> Internet.
>
> I haven't noticed anything in the mailing lists.

Squid is as vulnerable as any other product based on SSL.
Unfortunately there's not much we developers can do. The burden falls
on the (open)ssl library implementors, and all we can do is wait.
Some OS vendors have already started shipping an updated ssl library
which somehow plugs the hole. After that (dynamic) library has been
installed on the host OS, Squid (after a restart at most) is
immediately protected from the flaw.


-- 
    /kinkie

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux