[Pkg-openssl-devel] Bug#529221: Netscape/OpenSSL Cipher Forcing Bug
Andreas Schulze
andreas.schulze at datev.de
Wed Jan 20 14:37:01 UTC 2010
Hello,
the Debian Bug Report #529221 seemes unchanged since 200905.
Could anybody post a status update?
I could recompile some applications patched with something like
bits &= ~SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG;
SSL_CTX_set_options(server_ctx, bits);
But this is not a real solution!
A Change should be made in the ssl library.
--
Andreas Schulze
Internetdienste | P532
DATEV eG
90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196
E-Mail info @datev.de | Internet www.datev.de
Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70
Vorstand
Prof. Dieter Kempf (Vorsitzender)
Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender)
Dipl.-Kfm. Michael Leistenschneider
Jörg Rabe v. Pappenheim
Dipl.-Vw. Eckhard Schwarzer
Vorsitzender des Aufsichtsrates: Reinhard Verholen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 315 bytes
Desc: digitale Signatur dieser Nachricht von Andreas Schulze
URL: <http://lists.alioth.debian.org/pipermail/pkg-openssl-devel/attachments/20100120/ecea3b83/attachment.pgp>
More information about the Pkg-openssl-devel
mailing list