On 01/28/2016 08:48 PM, Mark Thomas wrote:
> On 28/01/2016 15:47, Rainer Jung wrote:
>> My first thoughts:
>>
>> - DH small subgroups (CVE-2016-0701)
>>
>> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
>> impl of SSLContext.make()). This is true for trunk and 1.1.x. This
On 28/01/2016 15:47, Rainer Jung wrote:
> My first thoughts:
>
> - DH small subgroups (CVE-2016-0701)
>
> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
> impl of SSLContext.make()). This is true for trunk and 1.1.x. This
> should suffice to not being exposed to the prob
My first thoughts:
- DH small subgroups (CVE-2016-0701)
Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
impl of SSLContext.make()). This is true for trunk and 1.1.x. This
should suffice to not being exposed to the problem. It is a bit
unfortunate though, that the adis
