Skip to Content.
Sympa Menu

perfsonar-announce - [perfsonar-announce] new SSL Logjam vulnerability

Subject: perfSONAR Announcements

List archive

[perfsonar-announce] new SSL Logjam vulnerability


Chronological Thread 
  • From: Andrew Lake <>
  • To: , perfsonar-announce <>
  • Subject: [perfsonar-announce] new SSL Logjam vulnerability
  • Date: Wed, 20 May 2015 13:52:39 -0400

Hi all,

The perfSONAR Team just wanted to make everyone aware of a new SSL
vulnerability that’s out there today, dubbed Logjam:
https://weakdh.org/sysadmin.html. Your perfSONAR hosts should NOT be
vulnerable to this attack. The Apache configuration installed by the Toolkit
disables the cipher suites in question by default. See the resource above for
more details. There are no further actions required on your part, we just
wanted to make everyone aware in case they saw something on the vulnerability
and were wondering if their host was affected. You can also go to
https://weakdh.org/sysadmin.html to check your host (perfSONAR or otherwise)
if you are worried a machine may be vulnerable. Please let us know if you
have any questions.

Thank you,
Andy Lake

  • [perfsonar-announce] new SSL Logjam vulnerability, Andrew Lake, 05/20/2015

Archive powered by MHonArc 2.6.16.

Top of Page