After analyzing the PoC script we (maintainers of the Ruby OpenSSL
extension) consider CVE-2014-2734 to be invalid. Others have independently
arrived at the same conclusion: [1][2] You may find a summary of our
analysis at [3].
Regards,
Martin Boßlet
[1] https://github.com/
[2] https://news.ycombinator.com/
[3] https://gist.github.com/
extension) consider CVE-2014-2734 to be invalid. Others have independently
arrived at the same conclusion: [1][2] You may find a summary of our
analysis at [3].
Regards,
Martin Boßlet
[1] https://github.com/
[2] https://news.ycombinator.com/
[3] https://gist.github.com/