perfSONAR Announcements

[Jason Zurawski <>]

Greetings All;

Some may be aware the recent announcement regarding the "FREAK” 
vulnerability, more information can be found here:

https://community.norton.com/en/blogs/norton-protection-blog/new-freak-vulnerability-can-allow-attackers-decrypt-encrypted
 

The perfSONAR development team has reviewed the report, and has determined 
that there are no risks that require intervention.  The changes implemented 
after one of the prior vulnerabilities reduced the risk, e.g. disabling the 
export ciphers in the mod ssl configuration.  As always, keep your systems up 
to date by enabling auto-updates or other forms of configuration management.  

If anyone has any questions or concerns, please relay them to 
.
  

Thanks;

-jason