Re: openssl 1.0.2f released

2016-01-28 Thread jean-frederic clere
On 01/28/2016 08:48 PM, Mark Thomas wrote:
> On 28/01/2016 15:47, Rainer Jung wrote:
>> My first thoughts:
>>
>> - DH small subgroups (CVE-2016-0701)
>>
>> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
>> impl of SSLContext.make()). This is true for trunk and 1.1.x. This

Re: openssl 1.0.2f released

2016-01-28 Thread Mark Thomas
On 28/01/2016 15:47, Rainer Jung wrote:
> My first thoughts:
>
> - DH small subgroups (CVE-2016-0701)
>
> Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native
> impl of SSLContext.make()). This is true for trunk and 1.1.x. This
> should suffice to not be exposed to the prob

Re: openssl 1.0.2f released

2016-01-28 Thread Rainer Jung
My first thoughts:

- DH small subgroups (CVE-2016-0701)

Our native code sets SSL_OP_SINGLE_DH_USE in sslcontext.c (in the native impl of SSLContext.make()). This is true for trunk and 1.1.x. This should suffice to not be exposed to the problem. It is a bit unfortunate though, that the adis

openssl 1.0.2f released

2016-01-28 Thread Rainer Jung
Since the advisory https://www.openssl.org/news/secadv/20160128.txt is currently under heavy load, here's a copy:

OpenSSL Security Advisory [28th Jan 2016]
=========================================

NOTE: SUPPORT FOR VERSION 1.0.1 WILL BE ENDING ON 31ST DECEMBER 2016. NO SECURITY FIXES WILL BE