Is CFEngine affected by DH small subgroups (CVE-2016-0701)

After a review of the advisory and our implementation we do not believe we are affected because we don't use DH or DHE key exchange.

Mission Portal is also not affected since mod_ssl set the SSL_OP_SINGLE_DH_USE flag, which circumvents the exploit.



Powered by Zendesk