Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 28 Dec 2015 15:32:40 +0100
From: Florian Weimer <fweimer@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Being vulnerable to POODLE

On 12/26/2015 08:28 AM, Sevan Janiyan wrote:

> It turns out that CoovaChilli[1] is vulnerable to POODLE & I'd like to

> [1] http://coova.github.io/CoovaChilli/

How so?

With some OpenSSL versions, it disables the 0/n split to mitigate a
*different* CBC vulnerability in TLS 1.0, and the client code explicitly
prevents OpenSSL from using TLS 1.1 and later.

Florian

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ