Date: Tue, 10 Aug 2021 15:41:56 +0200 From: Guido Berhoerster <guido+openwall.com@...hoerster.name> To: oss-security@...ts.openwall.com Subject: Re: STARTTLS vulnerabilities Hi, have you or are you planning to look into XMPP client/server implementations as well? The use of STARTTLS for both c2s and s2s connections is still prevalent both in terms of implementation support and actual practice and could potentially suffer form the same issues (command injection or downgrade attacks). -- Guido Berhoerster
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.