On Wed, 2009-11-11 at 16:01 -0500, (private) HKS wrote: > http://www.kb.cert.org/vuls/id/120541 > > I assume Pound is vulnerable to this since it seems to be a flaw in > the actual protocol design, but can anyone confirm?
Yes, Pound suffers from the same problem (as you correctly note, this is really a SSL issue). We hope this will be fixed in some upcoming OpenSSL version. -- Robert Segall Apsis GmbH Postfach, Uetikon am See, CH-8707 Tel: +41-44-920 4904 -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
