On Thu, Jun 5, 2014 at 4:49 PM, Salz, Rich <[email protected]> wrote:
>> Can anyone explain the vulnerability?
>
> A handful of links
>
> Here's the timeline, a public document:
> https://plus.google.com/u/0/+MarkJCox/posts/L8i6PSsKJKs
>
> And this blog entry from the guy who found the bug. BTW, it's 16 years old.
>
> http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
>
> Adam Langley's writeup full of technical and protocol details
> https://www.imperialviolet.org/2014/06/05/earlyccs.html
>
Thanks Rich.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]