[tor-relays] are relays susceptible to the latest OpenSSL "freak" attack

Nick Mathewson nickm at freehaven.net
Wed Mar 4 13:12:26 UTC 2015

On Wed, Mar 4, 2015 at 5:26 AM,  <starlight.2015q1 at binnacle.cx> wrote:
> Cipher-downgrade CVE-2015-0204 fixed in OpenSSL 1.0.1k.
> usual sensational write-up courtesy of El-Reg
> http://theregister.co.uk/security

I believe this doesn't affect Tor relays or clients, because we have
never supported export ciphers or generated export keys.

> For operators who don't obsess
> over "non-critical" OpenSSL releases,
> is it time to catch up?

I would suggest that everybody should update their openssl releases as
a matter of best practice, IMNSHO.

For more information, Matthew Green's writeup is quite informative:

More information about the tor-relays mailing list