[Ach] Issue with OpenSSL >0.9.8l <1.0.0

Aaron Zauner azet at azet.org
Fri Apr 25 04:32:17 CEST 2014

Previous message: [Ach] debian hardening
Next message: [Ach] Issue with OpenSSL >0.9.8l <1.0.0
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

It was discovered that our recommendations select an inferior
Ciphersuite in OpenSSL versions 0.9.8l to at least 1.0.0.
https://github.com/puppetlabs/puppet/pull/2494#issuecomment-41351666

This seems to be a flaw in how OpenSSL selects algorithms from a given
suite.

Aaron

Previous message: [Ach] debian hardening
Next message: [Ach] Issue with OpenSSL >0.9.8l <1.0.0
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Ach mailing list