[cryptography] OpenSSL 1.0.0 released
pgut001 at cs.auckland.ac.nz
Tue Mar 30 20:51:02 EDT 2010
Arturo Quirantes <aquirantes at cripto.es> writes:
>I wonder if the new release includes a patch to the recently attack by
>Pellegrini et al:
>and, if not, when will it be available.
This is currently being held up by a more urgent patch to defend OpenSSL
against a recently-discovered weakness involving pink unicorns. The
Pellegrini attack defence is expected to be rolled out after this patch is
released, at the same time as a patch for "the leprechaun thing" (details
currently unpublished due to acute security concerns).
More information about the cryptography