RTFM.
-Amarendra
--
sent via 100% recycled electrons from my mobile command center.
On Mar 22, 2015, at 11:29 AM, Niraj Sorathiya nirajsorathiya...@gmail.com
wrote:
Hi,
Thanks Matt and jar file of openssl source code is available ?
I searched a lot but didn't get.
Regards,
openssl s_client -ssl2... maybe?
-ag
--
sent via 100% recycled electrons from my mobile command center.
On Oct 10, 2014, at 8:19 AM, Jeffrey Walton noloa...@gmail.com wrote:
I need to determine if SSLv2 is available at runtime. I know I can
check for NO_SSL2 at compile time, but I don't
Yes, your client is vulnerable. Which ip to connect to is governed by your
application, and IP addresses can be falsified, so it is very much possible
your client connects to a malicious server.
-ag
--
sent via 100% recycled electrons from my mobile command center.
On Apr 11, 2014, at 8:32
That is the state of software industry today, so no surprises there.
Organizations who spend time and effort on fixing code (generic usage) are far
and few in between (close to being non-existent).
-Amarendra
--
sent via 100% recycled electrons from my mobile command center.
On Apr 13, 2014,
Yes, you are correct.
-ag
--
sent via 100% recycled electrons from my mobile command center.
On Apr 10, 2014, at 5:54 AM, Jason Todd ja...@bluntstick.com wrote:
Just to verify, heart bleed doesn't look like it effects the fipscanister. I
can just recompile openssl 1.0.1c with the no heart
1. OpenSSL allows heartbeats during handshake.
2. Handshake request can come from any peer and is responded to (client or
server is immaterial). You don't prevent it, so a peer can send heartbeat
request and your openssl endpoint shall respond.
From what you describe, your application is
No. OpenSSH is not affected. See
http://undeadly.org/cgi?action=articlesid=20140408063423
-ag
--
sent via 100% recycled electrons from my mobile command center.
On Apr 10, 2014, at 6:39 PM, Roberto Spadim robe...@spadim.com.br wrote:
hi guys, what about openssh, does it have some problem
It is not.
-ag
--
sent via 100% recycled electrons from my mobile command center.
On Apr 9, 2014, at 7:22 AM, Chris Bare chris.b...@gmail.com wrote:
Can anyone confirm my understanding that the FIPS 140-2 certified module is
NOT affected by the CVE 2014-0160 vulnerability?
--
Chris