Security - 4.2 0002 - SSLv3 (aka POODLE) vulnerability - CVE-2014-3566
As far as I read Replicant should be vulnerable to POODLE (= Padding Oracle On Downgraded Legacy Encryption):
with the following statement from CM:
AFAIK there should be a patch (for CM 11.0):
But the CM-10.2 branch still the vulnerable code is still present:
Hope there are ways to fix that security issue in Replicant.
Thnaks for your time and enthusiasm!
RE: Security - 4.2 0002 - SSLv3 (aka POODLE) vulnerability - CVE-2014-3566 - Added by Paul Kocialkowski over 6 years ago
Thanks for opening tickets about this, I'll merge the patches before making a new set of Replicant images.