[openssl-users] openSSL and SLOTH attack

Salz, Rich rsalz at akamai.com
Fri Jan 8 17:43:30 UTC 2016

Are you going to keep posting and posting until you get a response? :(

Master branch, 1.1, is not released but will not be vulnerable (may already be fixed)
1.0.2 is not vulnerable.
1.0.1f and later are not vulnerable.
1.0.0 might be, and is end of life anyway so you should move of that.
0.9.8 is also end of life, but does not do TLS 1.2 so is not vulnerable.

Senior Architect, Akamai Technologies
IM: richsalz at jabber.at Twitter: RichSalz

More information about the openssl-users mailing list