[openssl-users] CVE-2014- and OpenSSL?
Arthur Tsang
arthur_tsang at hotmail.com
Tue Dec 9 15:30:58 EST 2014
Hi Rich,
do we have some formal announcement that openssl is not vulnerable for
POODLE in TLS? or can you explain why Openssl is not affected? if
symantec is issuing notification like that, i guess, a lot of management
will demand explanations. Thanks,
Thanks,
Arthur
On Tue, Dec 9, 2014 at 11:26 AM, Salz, Rich <rsalz at akamai.com> wrote:
> > I also received a notification from Symantec's DeepSight, that states:
> > "OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure
> > Vulnerability".
>
> Did Symantic really label it an OpenSSL CVE? That's wrong.
>
> OpenSSL does not have this defect.
>
> /r$
>
> _______________________________________________
> openssl-users mailing list
> openssl-users at openssl.org
> https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
>
>
--
Thanks,
Arthur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20141209/32d34f54/attachment.html>
More information about the openssl-users
mailing list