Hi Rich, do we have some formal announcement that openssl is not vulnerable for POODLE in TLS? or can you explain why Openssl is not affected? if symantec is issuing notification like that, i guess, a lot of management will demand explanations. Thanks,
Thanks, Arthur On Tue, Dec 9, 2014 at 11:26 AM, Salz, Rich <rs...@akamai.com> wrote: > > I also received a notification from Symantec's DeepSight, that states: > > "OpenSSL CVE-2014-8730 Man In The Middle Information Disclosure > > Vulnerability". > > Did Symantic really label it an OpenSSL CVE? That's wrong. > > OpenSSL does not have this defect. > > /r$ > > _______________________________________________ > openssl-users mailing list > openssl-users@openssl.org > https://mta.opensslfoundation.net/mailman/listinfo/openssl-users > > -- Thanks, Arthur
_______________________________________________ openssl-users mailing list openssl-users@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
