June OpenSSL Vulnerabilities
ASHLEY GRAVES (RIT Student)
axg7739 at rit.edu
Tue Aug 11 07:15:49 PDT 2015
Is OpenConnect affected by the same OpenSSL vulnerabilities as
AnyConnect from the June advisory
(http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl)?
The included CVEs are CVE-2015-1789, CVE-2015-1792, CVE-2014-8176,
CVE-2015-1788, CVE-2015-1790, CVE-2015-1791.
If not, does the way OpenConnect handles OpenSSL leave it unaffected
by the recent surge of other OpenSSL vulns? Thanks in advance.
More information about the openconnect-devel
mailing list