Zombie poddle and Goldendoodle vulnerablity

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Zombie poddle and Goldendoodle vulnerablity

Manish Patidar

Hi, 
There has been two vulnerability reported: golden doodle and zombie poddle. 
Does it impact openssl 1.1.1 or 1.0.2 version ? 

https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/

Regards 
Manish
Reply | Threaded
Open this post in threaded view
|

Re: Zombie poddle and Goldendoodle vulnerablity

Matt Caswell-2


On 27/02/2019 11:07, Manish Patidar wrote:
>
> Hi, 
> There has been two vulnerability reported: golden doodle and zombie poddle. 
> Does it impact openssl 1.1.1 or 1.0.2 version ? 
>
> https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/

These issues haven't been reported to openssl-security. From that blog bost
zombie poodle only seems to affect Citrix products
(https://support.citrix.com/article/CTX240139). There are very little details
about the "goldennoodle" vulnerability. Given that this hasn't been reported to
us I would assume that OpenSSL is not vulnerable.

Matt

Reply | Threaded
Open this post in threaded view
|

Re: Zombie poddle and Goldendoodle vulnerablity

Manish Patidar
Does CVE-2019-1559  is related to these vulnerability.


On Wed, 27 Feb 2019, 4:48 pm Matt Caswell, <[hidden email]> wrote:


On 27/02/2019 11:07, Manish Patidar wrote:
>
> Hi, 
> There has been two vulnerability reported: golden doodle and zombie poddle. 
> Does it impact openssl 1.1.1 or 1.0.2 version ? 
>
> https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/

These issues haven't been reported to openssl-security. From that blog bost
zombie poodle only seems to affect Citrix products
(https://support.citrix.com/article/CTX240139). There are very little details
about the "goldennoodle" vulnerability. Given that this hasn't been reported to
us I would assume that OpenSSL is not vulnerable.

Matt

Reply | Threaded
Open this post in threaded view
|

Re: Zombie poddle and Goldendoodle vulnerablity

Matt Caswell-2


On 27/02/2019 13:46, Manish Patidar wrote:
> Does CVE-2019-1559  is related to these vulnerability.
>

No, that is entirely different.

Matt


>
> On Wed, 27 Feb 2019, 4:48 pm Matt Caswell, <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>
>
>     On 27/02/2019 11:07, Manish Patidar wrote:
>     >
>     > Hi, 
>     > There has been two vulnerability reported: golden doodle and zombie poddle. 
>     > Does it impact openssl 1.1.1 or 1.0.2 version ? 
>     >
>     >
>     https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/
>
>     These issues haven't been reported to openssl-security. From that blog bost
>     zombie poodle only seems to affect Citrix products
>     (https://support.citrix.com/article/CTX240139). There are very little details
>     about the "goldennoodle" vulnerability. Given that this hasn't been reported to
>     us I would assume that OpenSSL is not vulnerable.
>
>     Matt
>