[24572] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

PureTLS Security Announcement: Upgrade to 0.9b2

daemon@ATHENA.MIT.EDU (Eric Rescorla)
Wed Mar 6 17:49:16 2002

Message-Id: <200203060028.g260S0N79829@romeo.rtfm.com>
To: bugtraq@securityfocus.com, puretls-users@rtfm.com
Mime-Version: 1.0 (generated by tm-edit 7.108)
Content-Type: text/plain; charset=US-ASCII
Date: Tue, 05 Mar 2002 16:28:00 -0800
From: Eric Rescorla <ekr@rtfm.com>

PureTLS <http://www.rtfm.com/puretls is a pure Java implementation of
SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002.

Internal audits prior to the release of PureTLS 0.9b2 discovered a
potential attack under certain conditions. This vulnerability was
present in all prior versions. Details of this vulnerability have not
been disclosed and are being withheld now to allow users time to
upgrade. As far as we know, this attack has not been exploited in the
wild and is not publicly known.

All users of older versions are strongly urged to upgrade immediately.
The new version can be downloaded from.

http://www.rtfm.com/puretls

-Ekr

--
[Eric Rescorla                                   ekr@rtfm.com]
                     http://www.rtfm.com/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[24572] in bugtraq

PureTLS Security Announcement: Upgrade to 0.9b2

daemon@ATHENA.MIT.EDU (Eric Rescorla)Wed Mar 6 17:49:16 2002

daemon@ATHENA.MIT.EDU (Eric Rescorla)
Wed Mar 6 17:49:16 2002