Heartbleed attack on Openssl
Robert J. Hansen
rjh at sixdemonbag.org
Thu Apr 10 01:42:24 CEST 2014
> Chromium (from which chrome is based) actually embeds a copy of openssl,
> but doesn't use it for its TLS implementation, which is where the bug
> would be triggered. (i'm not sure why they do this embedding actually,
> i haven't reviewed it).
I have heard that Chrome is migrating to OpenSSL instead of Mozilla's
NSS libraries; it's possible Chromium is a testbed. Speculation on my
part, though.
More information about the Gnupg-users
mailing list