[openssl-users] CVE-2014- and OpenSSL?
Amarendra Godbole
amarendra.godbole at gmail.com
Tue Dec 9 15:54:55 EST 2014
On Tue, Dec 9, 2014 at 11:26 AM, Salz, Rich <rsalz at akamai.com> wrote:
>> I also received a notification from Symantec's DeepSight, that states:
>> "OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure
>> Vulnerability".
>
> Did Symantic really label it an OpenSSL CVE? That's wrong.
>
> OpenSSL does not have this defect.
[...]
Possible - these are automated feeds, and things can get mixed up.
Thanks for the clarification.
-Amarendra
More information about the openssl-users
mailing list