Hi All,
We are using openSSL 0.9.8d and want to confirm if we are vulnerable to
CVE-2014-0195 and if there is a patch for the same.
Thanks in advance,
Venkat
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Jaya Nageswar
Sent: Monday, June 09, 2014
Hi,
Do you use DTLS ?
it is secure mode of UDP transfer. If you are not using DTLS then you are
not vulnerable
regards,
James
On Mon, Jun 9, 2014 at 6:43 PM, Jaya Nageswar jaya.nages...@gmail.com
wrote:
Hi All,
We are currently using openssl 0.9.8 h version in one of our components. I
Dear OpenSSL web page subteam,
CVE 2014-0195 is listed in
https://www.openssl.org/news/secadv_20140605.txt
as fixed by the latest round of security fixes, however it is
missing from the primary cross reference at
https://www.openssl.org/news/vulnerabilities.html
You may wish to update
Hello Users,
I am at task to compile OpenSSL 1.0.1h for android platform and link it
with an application.
Can somebody give some pointers on how to do it. My problem is that there
are no Android.mk files for this. And how can I user ndk-build here?
Development env:
1. Ubuntu 14.04 / 12.04
2.
Openssl does not directly support Android AFAIR. You can try some manual
changes to e.g. CC or write your own make file.
On Jun 23, 2014 11:18 AM, Abhishek Gupta abhis...@meddiff.com wrote:
Hello Users,
I am at task to compile OpenSSL 1.0.1h for android platform and link it
with an
On Mon, Jun 23, 2014 at 2:17 PM, Abhishek Gupta abhis...@meddiff.com wrote:
Hello Users,
I am at task to compile OpenSSL 1.0.1h for android platform and link it with
an application.
Can somebody give some pointers on how to do it. My problem is that there
are no Android.mk files for this.
Hi Jakob,
Thanks - I think this has now been corrected, the website should sync
within an hour or so. Please let me know if you see anything amiss.
Cheers,
Geoff
On Mon, Jun 23, 2014 at 8:15 AM, Jakob Bohm jb-open...@wisemo.com wrote:
Dear OpenSSL web page subteam,
CVE 2014-0195 is listed
CVE-2014-0198 is listed in the VULNERABILITIES page as fixed in 1.0.1h and
1.0.0m , but is not listed on the Release Notes for either of these releases.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Geoffrey Thorpe
Sent: Monday, June 23, 2014 11:59
http://wiki.openssl.org/index.php/Android
In addition, the Guardian Project's Orbot is a live working example of
of a project currently building OpenSSL on Android.
https://gitweb.torproject.org/orbot.git/blob/HEAD:/external/Makefile
Hello users,
I recently wrote a program to do ECDH secret derivation, using OpenSSL
v1.0.1f.
I actually followed the example given at
http://wiki.openssl.org/index.php/Elliptic_Curve_Diffie_Hellman, and I was
able to make it work.
But I need to make the program work on a machine with OpenSSL
On Mon, Jun 23, 2014 at 06:46:29PM -0400, pratyush parimal wrote:
So does anyone know how to get the secret derivation working in OpenSSL
v0.9.8?
The EC support in 0.9.8 is incomplete, and disabled by default.
You should treat 0.9.8 as NOT capable of doing EC.
Because from what I read I
Hi,
Thanks a lot for the clarification. I understand now.
Could you also let ne know the same about normal DH operations (not the ec
counterparts)? Are they supported in v0.9.8 then?
Regards,
Pratyush.
On Jun 23, 2014 7:07 PM, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:
On Mon, Jun 23,
On Mon, Jun 23, 2014 at 07:18:06PM -0400, pratyush parimal wrote:
Thanks a lot for the clarification. I understand now.
Could you also let ne know the same about normal DH operations (not the ec
counterparts)? Are they supported in v0.9.8 then?
Prime DH is supported in 0.9.8.
--
Thanks .. that helps!
-pratyush
On Jun 23, 2014 7:44 PM, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:
On Mon, Jun 23, 2014 at 07:18:06PM -0400, pratyush parimal wrote:
Thanks a lot for the clarification. I understand now.
Could you also let ne know the same about normal DH operations
14 matches
Mail list logo