[Ach] FREAK Attack

Raoul Bhatia raoul at bhatia.at
Wed Mar 4 15:18:32 CET 2015

On 2015-03-03 23:53, Aaron Zauner wrote:
> Hi,
> It seems one of the OpenSSL CVEs from the 8th of jan. got a nice
> catchy name for itself now as well: https://freakattack.com/
> For people that do not follow OpenSSL advisorys closely, TL;DR:
> If you're using an unpatched OpenSSL version or have a cipherstring
> that allows for RSA_EXPORT you really should be updating by now.

Do I correctly conclude that
I am safe if I have followed the ACH guide?

DI (FH) Raoul Bhatia M.Sc.     |   E-Mail.  raoul at bhatia.at
Software Development and       |   Web.     http://raoul.bhatia.at/
System Administration          |   Tel.     +43 699 10132530

More information about the Ach mailing list