Hello, Does the recent Logjam[1] vulnerability affect Tinc? The security section of the Tinc website says: "Although tinc uses the OpenSSL library, it does not use the SSL protocol to establish connections between daemons" What would that mean, specifically, in regards to Logjam? Thank you for your time and for providing a great piece of VPN software! [1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4000
On Sat, May 23, 2015 at 06:34:49AM -0500, hal wrote:> Does the recent Logjam[1] vulnerability affect Tinc?No, tinc is not affected by the Logjam vulnerability. -- Met vriendelijke groet / with kind regards, Guus Sliepen <guus at tinc-vpn.org> -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: Digital signature URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20150523/88bc0c5e/attachment.sig>
Seemingly Similar Threads
- CESA-2013:X012 Xen4CentOS Medium kernel Security Update
- CentOS-announce Digest, Vol 105, Issue 5
- CESA-2014:X011 Moderate kernel Xen4CentOS Security Update
- CESA-2014:X009 Important: Xen4CentOS kernel Security Update
- CentOS-announce Digest, Vol 112, Issue 7