[tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

Jann Horn jann at thejh.net
Wed Apr 9 19:25:21 UTC 2014


On Wed, Apr 09, 2014 at 03:07:11PM -0400, Christopher J. Walters wrote:
> On 4/9/2014 3:04 PM, Michael Wolf wrote:
> >On 4/9/2014 2:29 PM, Christopher J. Walters wrote:
> >
> >>This bug has been a known issue for about 2 years, and we are only now
> >>learning about it.
> >
> >The bug has existed for about 2 years, but was not a "known issue"
> >before the last week or so.  (Excluding, of course, criminals and such
> >who may have found it and didn't report it.)
> 
> You can believe what you will, but much of the GNU/Linux and *BSD
> community has known about this vulnerability for 2 years.

Please give us a source for that statement. Ideally, a link and a short quote.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140409/a04428cc/attachment.sig>


More information about the tor-talk mailing list