Learn about Centmin Mod LEMP Stack today
Register Now

OpenSSL The SWEET32 Issue, CVE-2016-2183

Discussion in 'CentOS, Redhat & Oracle Linux News' started by buik, Aug 25, 2016.

Tags:
  1. buik

    buik “The best traveler is one without a camera.”

    1,712
    468
    83
    Apr 29, 2016
    Flanders
    Ratings:
    +1,468
    Local Time:
    4:01 PM
    Today, Karthik Bhargavan and Gaetan Leurent from Inria
    have unveiled a new attack on Triple-DES, SWEET32,
    Birthday attacks on 64-bit block ciphers in TLS.

    It has been assigned CVE-2016-2183.


    BTW. The only positive news in this article:
    For the 1.1.0 release, which we expect to release tomorrow.
     
  2. eva2000

    eva2000 Administrator Staff Member

    49,234
    11,291
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,567
    Local Time:
    12:01 AM
    Nginx 1.21.x
    MariaDB 10.x
    Thanks for heads up @bassie (y)

    luckily Centmin Mod Nginx default ssl ciphers these days have it disabled out of the box for most