Comment by pseudohadamard

Comment by pseudohadamard 5 days ago

0 replies

View on Hacker News

I particularly like the FIPS bit:

>The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.

"I hereby define the vulnerability to be outside the bit that I define to be secure, therefore we're not vulnerable".