---------- Original message ---------- Subject: Re: Why are you (still) using PowerPC-based Macs? Date: Freitag 22 Januar 2010N From: Dan <dantear...@gmail.com> To: g3-5-list@googlegroups.com
> >>OpenSSL > >>CVE-ID: CVE-2009-3555 > >>Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X > >>v10.6.2, Mac OS X Server v10.6.2 > >>Impact: An attacker with a privileged network position may capture > >>data or change the operations performed in sessions protected by SSL > > While this is applicable to all implementations of SSL (it's a direct > protocol failure), I'm not finding or hearing of any code that takes > advantage of it on a Mac. I don't think that this is at all architecture specific. Every secure page (https://...) could be affected by it, and it doesn't matter if you're sitting in front of a PowerPC-based Mac, an ALPHA-based DEC, or an x86 (Intel/AMD)- based PC, as long as you direct your browser to an SSL encrypted page, and this very browser utilizes the operating systems capabilities to manage SSL. Mac OS X and almost all UNIXes use OpenSSL for this job. All are affected. On every architecture. That is how I understand it. But maybe I'm wrong again. Cheers, Andreas aka Mac User #330250 -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com For more options, visit this group at http://groups.google.com/group/g3-5-list