GitLab

According to http://openssl.org/news/secadv_20120104.txt , there is an information leakage vulnerability when making SSL3 connections with SSL_MODE_RELEASE_BUFFERS, where uninitialized memory can get leaked, up to 15 bytes at a time. The bug is fixed in openssl 1.0.0f and 0.9.8s.

(I'm told this was found by wanoskarnet, reported by asn to agl, who got it fixed in openssl.)

On Tor's side, the easiest fix is to just require TLS1 only, and not support SSL3 any more. But that could create problems with our cipher lists.