wolfSSL Users SAFE from Recent OpenSSL Vulnerabilities (DH Primes, SSLv2)



OpenSSL recently released patches for two vulnerabilities [1] - one related to how OpenSSL generates Diffie-Hellman prime values and the other that potentially allowed a malicious client to negotiate old SSLv2 ciphers that had been disabled on the server.  Since both of these are OpenSSL implementation vulnerabilities, wolfSSL users are SAFE.

For reference, the two OpenSSL vulnerabilities that were patched were:

CVE 2016-0701
CVE 2015-3197

[1] http://openssl.org/news/secadv/20160128.txt

Originally posted at: http://www.wolfssl.com/wolfSSL/Blog/Entries/2016/2/4_wolfSSL_Users_SAFE_from_Recent_OpenSSL_Vulnerabilities_%28DH_Primes,_SSLv2%29.html
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.