Mailing List CGatePro@mail.stalker.com Message #106943
From: Fred.Zwarts F.Zwarts@KVI.nl <CGatePro@mail.stalker.com>
Subject: Padding Oracle vulnerability
Date: Thu, 23 Aug 2018 11:06:03 +0200
To: <CGatePro@mail.stalker.com>
X-Mailer: Microsoft Windows Live Mail 16.4.3528.331
In the release notes of version 6.2.6 I find the following bug fix:

•Bug Fix: TLS: 4.1: TLS connections might be vulnerable to Padding Oracle Attack.

We now run version 6.2.6.
If I run a test from https://www.ssllabs.com/ssltest/ it reports, among others:

This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set to F.

What is the explanation? Are there more than one Padding Oracle bugs, of which one one was fixed?



Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster