Although not really a proper security advisory because the base system appears to be safe( see my previous article, DROWN: Vunerable? Not exactly! ), installing some packages can make your NetBSD installs vulnerable to DROWN. By default, Apache 2.2 and a number of other packages enable SSLv2 and v3 out of the box, and without the … Continue reading Security Advisory: NetBSD upgrades to OpenSSL 1.0.1s
Apology from the Writer: Excuse the kitschy title image, but it really seems like everyone already thinks of SSL as little locks on the intertubes, so I really just had to go along with it! Public disclosure of the DROWN attack is a little over a week old now, but for the end user it can … Continue reading DROWN: Vulnerable? Not exactly!