Re: CVE 2014-0160 and FIPS 140-2 module
From heartbleed.com: Does OpenSSL's FIPS mode mitigate this? No, OpenSSL Federal Information Processing Standard (FIPS) mode has no effect on the vulnerable heartbeat functionality. == Scott Ruffner Computer Systems Senior Engineer Computer Science Department ruff...@cs.virginia.spam.eduUniversity of Virginia __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: CVE 2014-0160 and FIPS 140-2 module
It is not. -ag -- sent via 100% recycled electrons from my mobile command center. > On Apr 9, 2014, at 7:22 AM, Chris Bare wrote: > > Can anyone confirm my understanding that the FIPS 140-2 certified module is > NOT affected by the CVE 2014-0160 vulnerability? > > -- > Chris Bare __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
CVE 2014-0160 and FIPS 140-2 module
Can anyone confirm my understanding that the FIPS 140-2 certified module is NOT affected by the CVE 2014-0160 vulnerability? -- Chris Bare