Please sign in to comment.
Fix CVE-2011-3389. Possible attack on CBC mode with TLS 1.0.
See http://www.openssl.org/~bodo/tls-cbc.txt The biggest reason for this mode being in SSL_OP_ALL was older versions of IE (2002) talking to servers using OpenSSL. Can hopefully get this into 5.4.
- Loading branch information...
Showing with 15 additions and 3 deletions.