[openssl-users] openSSL and SLOTH attack

Miriam Celi mceli at us.ibm.com
Fri Jan 8 15:50:42 UTC 2016

Hello again OpenSSL users,

I'm still trying to find out if the 1.0.2 and 1.0.0 branches are affected,
and if so which versions and if there are versions with fixes available.

Based on the changelog for the 1.0.2 branch
(http://openssl.org/news/cl102.txt), version 1.0.1f which contains the fix
was released (Jan 2014) prior to OpenSSL 1.0.2 (Jan 2015), so 1.0.2d should
contain the fix for this, but we are not sure about this and would like
confirmation on this. 

Based on the changelog for the 1.0.1
(https://www.openssl.org/news/cl101.txt) and 1.0.0
(http://openssl.org/news/cl100.txt) branches, version 1.0.1f was released
prior to 1.0.0r (Mar 2015), so 1.0.0r should contain the fix for this, but
again we are not sure and would like confirmation.

The detailed technical paper
(http://www.mitls.org/downloads/transcript-collisions.pdf) that was
published with the attack disclosure, describes a vector for an MD5 based
attack against TLS 1.0 and TLS 1.1. So, there's a possibility for an OpenSSL
1.0.0 version to be vulnerable.

Thanks for any additional information you can provide on this.


More information about the openssl-users mailing list