OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Eric Rescorla (ekrrtfm.com)
Date: Tue Mar 05 2002 - 18:28:00 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    PureTLS <http://www.rtfm.com/puretls is a pure Java implementation of
    SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002.

    Internal audits prior to the release of PureTLS 0.9b2 discovered a
    potential attack under certain conditions. This vulnerability was
    present in all prior versions. Details of this vulnerability have not
    been disclosed and are being withheld now to allow users time to
    upgrade. As far as we know, this attack has not been exploited in the
    wild and is not publicly known.
            
    All users of older versions are strongly urged to upgrade immediately.
    The new version can be downloaded from.

    http://www.rtfm.com/puretls

    -Ekr

    --
    [Eric Rescorla                                   ekrrtfm.com]
                         http://www.rtfm.com/