You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@serf.apache.org by Stefan Beck <s....@codesys.com> on 2018/02/06 16:33:04 UTC

OpenSSL CVE-2017-3738, CVE-2017-3737

Hi,

is there any information about whether the Serf usage of OpenSSL is vulnerable to CVE-2017-3738, CVE-2017-3737? I was told that serf wouldn't allow this type of connection, but was unable to find any proof in the code. I would appreciate any hint on this.

Best regards