SSLv3 (aka POODLE) vulnerability - CVE-2014-3566
I hope it's a good idea to open a bug ticket about the forum topic: http://redmine.replicant.us/boards/9/topics/6909
Replicant should be vulnerable to POODLE (= Padding Oracle On Downgraded Legacy Encryption).
CM specific informations:
Seems CM 11.0 got a patch:
In CM 10.2 branch, the vulnerable code still seems present:
Hope there is an easy way to fix that behavior in Replicant.
Updated by My Self over 6 years ago
Furthermore I've found this blog post from the Google Security Team:
For example reasons, here are the merged commits for this patches from the OMNI project:
Hope this helps.