On Fri, 2014-10-17 at 21:40 +0200, Tim Rühsen wrote:
> Looking at the thread 'SSL Poodle attack'.
> So far everybody seem to agree to disable SSLv3 in the default settings.
> I already posted a patch for OpenSSL and GnuTLS.
>
> Because 'Poodle' itself does not affect Wget (e.g. you need a Javascr
Hi,
I'm working on a "Web-in-a-sandbox" project, trying to host shallow
(-l 2) copies of several web sites on a server running in a private
Internet "replica".
So far, httrack's "-K5" option (which they call "transparent proxy
URL") appears to do what I need (see
http://www.httrack.com/html/htt
Am Freitag, 17. Oktober 2014, 18:02:39 schrieb Christoph Anton Mitterer:
> On Thu, 2014-10-16 at 21:34 +0200, Ángel González wrote:
> > First of all, note that wget doesn't react to a disconnect with a
> > downgraded retry thus
> > it is mainly not vulnerable to poodle (you could only use CVE-2014-
On Thu, 2014-10-16 at 21:34 +0200, Ángel González wrote:
> First of all, note that wget doesn't react to a disconnect with a
> downgraded retry thus
> it is mainly not vulnerable to poodle (you could only use CVE-2014-3566
> against servers
> not supporting TLS).
>
> Then, even in that case, as
Hey.
On Thu, 2014-10-16 at 19:01 +0200, Tim Rühsen wrote:
> Thanks for your input.
>
> We are just discussing that issue (and of course anybody is invited to take
> part here on the list).
Sorry, I've only saw that one afterwards :)
> While we (developers) could change the code in a few minut
Am Donnerstag, 16. Oktober 2014, 21:50:50 schrieb Pär Karlsson:
> Hi, I fould a potential gotcha when playing with clang's code analysis tool.
>
> The concat_strings function silently stopped counting string lengths when
> given more than 5 arguments. clang warned about potential garbage values in
Am Donnerstag, 16. Oktober 2014, 22:01:35 schrieb Ángel González:
> Ángel González wrote:
> > First of all, note that wget doesn't react to a disconnect with a
> > downgraded retry thus
> > it is mainly not vulnerable to poodle (you could only use
> > CVE-2014-3566 against servers
> > not supportin