On Thu, 29 Jan 2015 06:33:13 +0000 Kannan Narayanasamy -X (kannanar - HCL TECHNOLOGIES LIMITED at Cisco) wrote:
> For poodle vulnerability we have upgraded the openssl to 0.9.8zc
> version. But still result shows as vulnerable. (downloaded poodle.sh
> script from the link https://access.redhat.com/articles/1232123 to
> verify)

The script checks if a target server has SSL 3.0 enabled, i.e. the PO part of POODLE. OpenSSL 0.9.8zc does not address that, it adds a feature (TLS_FALLBACK_SCSV) to help mitigate/block the DLE part. The script does not attempt to check if the server implements this fallback protection.

--
Tomas Hoger
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
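The distinction drawn in the reply above, as an added example that is not part of the original message or of OpenSSL: a small model of how a server answers a plain SSL 3.0 ClientHello versus a downgraded retry that carries TLS_FALLBACK_SCSV (value 0x5600, alert 86, per RFC 7507). The function names, the `no_shared_version` label and the sample hellos are constructed for illustration.

```python
import struct

SSL3, TLS1_0 = 0x0300, 0x0301
TLS_FALLBACK_SCSV = 0x5600          # signalling cipher suite value, RFC 7507
ALERT_INAPPROPRIATE_FALLBACK = 86   # alert description, RFC 7507
AES128_CBC_SHA = 0x002F             # an ordinary CBC suite used in the sample hellos

def build_client_hello(version, suites):
    """Constructed ClientHello body: version, random, empty session id, suites, null compression."""
    body = struct.pack("!H", version) + bytes(32) + b"\x00"
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    return body + b"\x01\x00"

def parse_client_hello(body):
    """Return (client_version, [cipher suites]) from a ClientHello body."""
    (version,) = struct.unpack_from("!H", body, 0)
    off = 34 + 1 + body[34]                      # skip version, random and session id
    (cs_len,) = struct.unpack_from("!H", body, off)
    off += 2
    if cs_len % 2 or off + cs_len > len(body):
        raise ValueError("malformed cipher suite list")
    return version, [struct.unpack_from("!H", body, off + i)[0] for i in range(0, cs_len, 2)]

def server_decision(body, enabled_versions, supports_scsv):
    """Model of the server side: reject a signalled fallback, else pick the best shared version."""
    client_version, suites = parse_client_hello(body)
    if supports_scsv and TLS_FALLBACK_SCSV in suites and client_version < max(enabled_versions):
        return ("alert", ALERT_INAPPROPRIATE_FALLBACK)
    usable = [v for v in enabled_versions if v <= client_version]
    if not usable:
        return ("alert", "no_shared_version")    # label used by this model only
    return ("negotiate", max(usable))

def two_checks(enabled_versions, supports_scsv):
    """What each probe sees: a plain SSL 3.0 hello vs. a fallback retry carrying the SCSV."""
    plain = build_client_hello(SSL3, [AES128_CBC_SHA])
    retry = build_client_hello(SSL3, [AES128_CBC_SHA, TLS_FALLBACK_SCSV])
    return {"ssl3_probe": server_decision(plain, enabled_versions, supports_scsv),
            "fallback_retry": server_decision(retry, enabled_versions, supports_scsv)}

if __name__ == "__main__":
    # Constructed server: SSL 3.0 still enabled, fallback protection present.
    print(two_checks({SSL3, TLS1_0}, supports_scsv=True))
```

With SSL 3.0 still enabled, the plain probe negotiates SSL 3.0 whether or not the server honours the SCSV, so a test that sends only that probe reports the same result before and after the upgrade; only disabling SSL 3.0 changes it.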
