After analyzing the PoC script we (maintainers of the Ruby OpenSSL
extension) consider CVE-2014-2734 to be invalid. Others have independently
arrived at the same conclusion: [1][2] You may find a summary of our
analysis at [3].
Regards,
Martin Boßlet
[1] https://github.com/adrienthebo/cve-2014-2734/
[2] https://news.ycombinator.com/item?id=7601973
[3] https://gist.github.com/emboss/91696b56cd227c8a0c13
Image may be NSFW.extension) consider CVE-2014-2734 to be invalid. Others have independently
arrived at the same conclusion: [1][2] You may find a summary of our
analysis at [3].
Regards,
Martin Boßlet
[1] https://github.com/
[2] https://news.ycombinator.com/
[3] https://gist.github.com/
Clik here to view.
