My site is vulnerable to the SSL FREAK attacks.

Dewangga dewanggaba at xtremenitro.org
Tue Apr 14 02:25:19 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello!

What linux distribution do you use?

On el6 I use openssl-1.0.1e-30.el6
On el7 I use openssl-1.0.1e-42.el7.4.x86_64

https://kb.iweb.com/entries/90860777-Security-vulnerabilities-in-OpenSSL
- -FREAK-CVE-2015-0204-and-more

Red hat using their own packages versioning (CMIIW), it might be vary
with your linux distro. And how do you test your site againts FREAK
attacks?

On 4/14/2015 08:28, jinwon42 wrote:
> same error. site is vulnerable to the SSL FREAK attacks.
> 
> openssl version is the problem? openssl version is 1.02
> 
> what's problem?
> 
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,257984,258010#msg-258010
> 
> _______________________________________________ nginx mailing list 
> nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)

iQEcBAEBAgAGBQJVLHqOAAoJEF1+odKB6YIxupIIAI+bCplE9ixsIb1SDAXDJriC
MDBc8RfCM72V/a6Lm6FpFxd1mJiMYs93zSGNkD34VrkHRABAf0DrL3tMD276dn3G
r/9QtrHYfw9A78p/6juZVsQ6tPWPcRPRvRFdXp1M8KUO64pR8JgWCrIxoFAzwNJ0
jj+UMElZAo4+xFsEXndHlRBb4BGb5nOXkG9cXkN9PvjEX3g4EDeAViayqZnJtxCd
yORGa4cWgld+HOxPWCSd3rHrxLy9rCaudhhFKPqX+ziRSX4Eq85r9dAnxHxzKg3b
kDn3w8ixpc/CqaRA0DvANMB2xc9IXGAR7P/rOkw5MyGO3Foh9w6JVQcsH1JCipU=
=AKo2
-----END PGP SIGNATURE-----



More information about the nginx mailing list