Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

PureTLS Security Announcement: Upgrade to 0.9b2

From: Eric Rescorla <ekr () rtfm com>
Date: Tue, 05 Mar 2002 16:28:00 -0800
PureTLS <http://www.rtfm.com/puretls is a pure Java implementation of
SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002.

Internal audits prior to the release of PureTLS 0.9b2 discovered a
potential attack under certain conditions. This vulnerability was
present in all prior versions. Details of this vulnerability have not
been disclosed and are being withheld now to allow users time to
upgrade. As far as we know, this attack has not been exploited in the
wild and is not publicly known.
        
All users of older versions are strongly urged to upgrade immediately.
The new version can be downloaded from.

http://www.rtfm.com/puretls

-Ekr

--
[Eric Rescorla                                   ekr () rtfm com]
                     http://www.rtfm.com/
Previous By Date Next
Previous By Thread Next

Current thread: