Doubts in the fix of CVE-2019-1559

Hi This vulnerability is fixed based on pid of process. Currently we are geting pid only where pthread is enabled, does it mean that this vulnerability does not impact to other environment like Windows etc.? Regards Manish

Re: Proposed change to linux kernel about random numbers

On 18/09/2019 20:58, Salz, Rich via openssl-users wrote: Please take a look at https://lore.kernel.org/lkml/CAHk-=wiGg-G8JFJ=r7qf0b+utqa_weouk6v+mcmfsljlrq6...@mail.gmail.com/ and consider giving your comments. TL;DR:  see the comment below. + * Hacky workaround for the fact that some proce

Proposed change to linux kernel about random numbers

Please take a look at https://lore.kernel.org/lkml/CAHk-=wiGg-G8JFJ=r7qf0b+utqa_weouk6v+mcmfsljlrq6...@mail.gmail.com/ and consider giving your comments. TL;DR: see the comment below. + * Hacky workaround for the fact that some processes + * ask for truly secure random numbers and absolutely wa

Re: DH group cipher suites getting rejected

* However if I try ECDHE, it works fine. Is DHE only cipher suites less common now ? * I believe its responsibility of server to generate DHparam of large enough size. Yes, DHE has dropped because it is hard to get right, and it takes more CPU cycles than ECDHE.

DH group cipher suites getting rejected

Hi, Why google rejected DH ciphers suites, I am trying *openssl s_client -cipher 'DHE-RSA-AES128-GCM-SHA256' -connect www.google.com:443 * However if I try ECDHE, it works fine. Is DHE only cipher suites less common now ? I believe its responsibility of server to generat