PureTLS Security Announcement: Upgrade to 0.9b2

From: Eric Rescorla (ekrat_private)
Date: Tue Mar 05 2002 - 16:28:00 PST

Next message: Richard M. Smith: "RE: On the ultimate futility of server-based mail scanning"

Previous message: David Kennedy CISSP: "Re: On the ultimate futility of server-based mail scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

PureTLS <http://www.rtfm.com/puretls is a pure Java implementation of
SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002.

Internal audits prior to the release of PureTLS 0.9b2 discovered a
potential attack under certain conditions. This vulnerability was
present in all prior versions. Details of this vulnerability have not
been disclosed and are being withheld now to allow users time to
upgrade. As far as we know, this attack has not been exploited in the
wild and is not publicly known.
	
All users of older versions are strongly urged to upgrade immediately.
The new version can be downloaded from.

http://www.rtfm.com/puretls

-Ekr

--
[Eric Rescorla                                   ekrat_private]
                     http://www.rtfm.com/

Next message: Richard M. Smith: "RE: On the ultimate futility of server-based mail scanning"
Previous message: David Kennedy CISSP: "Re: On the ultimate futility of server-based mail scanning"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Mar 06 2002 - 14:46:26 PST