I’m not sure what news you’re looking for. It’s been patched since 10/05/2012.
Could you be more specific? Joe From: Stefan Eriksson [mailto:[email protected]] Sent: Wednesday, November 13, 2013 6:11 AM To: [email protected] Subject: [Pound Mailing List] Disabling SSL Compression option in Stable Release > > You can use my stage for 2.7b branch if that's easier, which already has > > the CRIME patch applied for openssl pre 1.0 and 1.0+. > > https://github.com/goochjj/pound/tree/stage_for_upstream/v2.7b<https://github.com/goochjj/pound/tree/stage_for_upstream/v2.7b> > > Or you can borrow the patch from the last commit to that branch. > > Joe > Hi Chris, > > This isn't working for me, but thanks for the suggestions! > > I think Joe, I will check out your git code and compile that. Sounds > like a good way forward! > > Many thanks all, > James. Any news about this? Its a pretty serious issue, https://www.ssllabs.com/ is reporting about this CRIME issue. Many thanks Stefan
