[Cryptography] LibreSSL unaffected by DROWN

Yui Hirasawa yui at cock.li
Wed Mar 2 15:20:37 EST 2016


> The emphasis has been on cleaning up the code and improving security,
> which includes removing things such as SSL2 which has fundamental
> security flaws.

Something that doesn't have feature X is unaffected by an attack
involving feature X!

Here is an incomplete list of other libraries that aren't vulnerable to
DROWN:

  - libusb
  - libmatroska
  - libogg
  - libxml2
  - libbluray

What a non-story.



More information about the cryptography mailing list