[Ach] Issue with OpenSSL >0.9.8l <1.0.0
Aaron Zauner
azet at azet.org
Fri Apr 25 04:33:29 CEST 2014
s/versions 0.9.8l/versions 0.9.8m/
On Fri, Apr 25, 2014 at 4:32 AM, Aaron Zauner <azet at azet.org> wrote:
> Hi,
>
> It was discovered that our recommendations select an inferior
> Ciphersuite in OpenSSL versions 0.9.8l to at least 1.0.0.
> https://github.com/puppetlabs/puppet/pull/2494#issuecomment-41351666
>
> This seems to be a flaw in how OpenSSL selects algorithms from a given
> suite.
>
> Aaron
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140425/dc50de70/attachment.html>
More information about the Ach
mailing list