pidgin.im Needs Major Security Update: CVE-2014-0224
Daniel Atallah
daniel.atallah at gmail.com
Fri Jun 13 23:36:53 EDT 2014
This has been addressed.
Thanks.
On Fri, Jun 13, 2014 at 2:10 PM, William Rolison <williamrolison at gmail.com>
wrote:
> Hi,
>
> pidgin.im Needs Major Security Update: CVE-2014-0224
>
> "This server is vulnerable to the OpenSSL CCS vulnerability
> (CVE-2014-0224) and exploitable."
>
> See full report @ https://www.ssllabs.com/ssltest/analyze.html?d=pidgin.im
>
> While you at it, please drop RC4, add Robust Forward Secrecy, and
> enable Strict Transport Security (HSTS).
>
> Thanks,
>
> Will
>
> --
> _________________________________
> Contact Info:
>
> Name: William Rolison
> E-Mail: williamrolison at gmail.com
> Cell Phone: (803) 753-8824
> _______________________________________________
> security mailing list
> security at pidgin.im
> https://pidgin.im/cgi-bin/mailman/listinfo/security
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pidgin.im/cgi-bin/mailman/private/security/attachments/20140613/3a38130d/attachment.html>
More information about the security
mailing list