TLS renegociation bug: time for OpenSSL upgrade?

To: netbsd-users%netbsd.org@localhost
Subject: TLS renegociation bug: time for OpenSSL upgrade?
From: Emmanuel Dreyfus <manu%netbsd.org@localhost>
Date: Mon, 23 Nov 2009 10:04:54 +0000

Hi

NetBSD's base system OpenSSL seems to get a bit old: there is the famous 
TLS renegociation problem, and I just discovered that Firefox 3.6's TLSv1
implementation breaks with our OpenSSL
http://mail-index.netbsd.org/netbsd-users/2009/11/21/msg004905.html

No base system OpenSSL seems to be planned (correct me if I'm wrong), 
pkgsrc's OpenSSL will fix Firefox's TLSv1 problem, but does it fix the
TLS renegociation problem?

Anyone knows?

-- 
Emmanuel Dreyfus
manu%netbsd.org@localhost

Follow-Ups:
- Re: TLS renegociation bug: time for OpenSSL upgrade?
  - From: Thor Lancelot Simon
- Re: TLS renegociation bug: time for OpenSSL upgrade?
  - From: Martin Husemann

Prev by Date: Re: Apache gets SIGSEGV in ssl3_finish_mac()
Next by Date: Re: TLS renegociation bug: time for OpenSSL upgrade?
Previous by Thread: Login over serial port to NetBSD
Next by Thread: Re: TLS renegociation bug: time for OpenSSL upgrade?
Indexes:

Home | Main Index | Thread Index | Old Index