[Freeswitch-users] major openssl vulnerability.
Daniel Ivanov
sertys at gmail.com
Tue Apr 8 11:46:08 MSD 2014
PFS would not by any means protect you by such an implementation failure.
And the problem with PFS is the fact that it's wildly believe that the
ecliptic curve algorithms behind it are cratfully backdoored.
On Tue, Apr 8, 2014 at 12:20 AM, R P Herrold <herrold at owlriver.com> wrote:
> On Mon, 7 Apr 2014, Michael Jerris wrote:
>
> > More information available at http://heartbleed.com/ . You should
> probably upgrade openssl to at least 1.0.1g and re-generate all keys and
> invalidate old keys.
>
> * nod * looks material. I mentioned side channel leakage [of
> which this is a variant], and the need to move to Perfect
> Forward Security in my post last week
>
> The speculation in the heartbleed site as to CentOS 6 series
> PRIOR to the 6.5 updates, seems to be partiall ruled out by:
> https://access.redhat.com/security/cve/CVE-2014-0160
>
> but the 6.5 update srouces, sadly, adds it, and so we can look
> for an openssl update there
>
> -- Russ herrold
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140408/0cf14161/attachment.html
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users
mailing list