Zombie poddle and Goldendoodle vulnerablity

Matt Caswell matt at openssl.org
Wed Feb 27 11:18:38 UTC 2019



On 27/02/2019 11:07, Manish Patidar wrote:
> 
> Hi, 
> There has been two vulnerability reported: golden doodle and zombie poddle. 
> Does it impact openssl 1.1.1 or 1.0.2 version ? 
> 
> https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/

These issues haven't been reported to openssl-security. From that blog bost
zombie poodle only seems to affect Citrix products
(https://support.citrix.com/article/CTX240139). There are very little details
about the "goldennoodle" vulnerability. Given that this hasn't been reported to
us I would assume that OpenSSL is not vulnerable.

Matt



More information about the openssl-users mailing list