On Thursday, June 5, 2014 7:37:29 PM UTC-4, Jeremy Rossi wrote: > > Yeah been reviewing this but nothing has changed with ossec usage of > OpenSSL in any released versions of the code. Things to make note of is > ossec-authd makes use of OpenSSL but provides encrypted transport but > zero, nine, nada authentication / authorization. So the bugs outline don't > look to increase the exposure anymore then what is in place (aka nothing > and no protection of man in the middle attacks). > > Some code that has landed in master changes this and I am actively > reviewing all the bugs and the effects on the pull request. > https://github.com/ossec/ossec-hids/pull/205 >
Thanks Jeremy... -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
