[openssl-users] POODLE attack on TLS1.2
Matt Caswell
matt at openssl.org
Mon Feb 27 12:14:48 UTC 2017
On 27/02/17 12:03, Akshar Kanak wrote:
> Dear Team
> In https://en.wikipedia.org/wiki/POODLE , It is mentioned that
> POODLE attack is possible aganist *TLS *also . has this issue been
> alredy addressed in openssl .
This was never an issue in OpenSSL - so there is nothing to address.
This issue only affected certain implementations that did not correctly
handle TLS padding (notably F5 and A10 devices). See:
https://www.imperialviolet.org/2014/12/08/poodleagain.html
Matt
More information about the openssl-users
mailing list