Very recently, a new vulnerability in the SSL and TLS protocols was discovered, which may allow attackers to execute an arbitrary HTTP transaction. It seems that many SSL/TLS libraries will need to be patched in order to prevent such vulnerability.
A global update on the issue is available from CERT.
We have checked the Lightstreamer Server code and we can confirm that Lightstreamer is not affected by this vulnerability.
Friday, November 20, 2009
Wednesday, November 4, 2009