mark :: blog

04 Jun 2014: OpenSSL timelines

Here is the timeline from my (OpenSSL) perspective for the recent CCS Injection (MITM) vulnerability as well as the other flaws being fixed today.

SSL/TLS MITM vulnerability (CVE-2014-0224)

DTLS recursion flaw (CVE-2014-0221)

DTLS invalid fragment vulnerability (CVE-2014-0195)

Anonymous ECDH denial of service (CVE-2014-3470)

(All times UTC)

Post copied from my original source on Google+

Created: 04 Jun 2014

Hi! I'm Mark Cox. This blog gives my thoughts on security work, open source, home automation, and other topics.