[Pkg-openssl-devel] Debian OpenSSL CVE-2011-5095

Henri Salo henri at nerv.fi
Sat Jun 23 08:22:39 UTC 2012

Previous message: [Pkg-openssl-devel] Bug#678353: openssl: SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:480
Next message: [Pkg-openssl-devel] Debian OpenSSL CVE-2011-5095
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Is Debian OpenSSL build with FIPS mode? There is vulnerability related to that feature, which has TODO-note in security tracker: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5095

I can create bug-report out of this if we do use FIPS. I am sorry, but I do not know how to check that by myself.

- Henri Salo

Previous message: [Pkg-openssl-devel] Bug#678353: openssl: SSL3_GET_RECORD:decryption failed or bad record mac:s3_pkt.c:480
Next message: [Pkg-openssl-devel] Debian OpenSSL CVE-2011-5095
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Pkg-openssl-devel mailing list