[speedgoose]

Not OS or browser but my SSH servers use Teleport and my HTTPS servers use Traefik or Caddy.

Caddy, Traefik, and Teleport are written in Golang and not using OpenSSL. It’s a start.

[timdoug]

I adore Go, but it seems to be impacted too: https://groups.google.com/g/golang-announce/c/dRtDK7WS78g

[komuW]

Filippo Valsorda(FiloSottile), who is the maintainer of Go's cryptography libraries said on Go's slack channel that the patch is unrelated.

See screenshot of the slack conversation: https://paste.pics/f5622033ae711b36e0bbcda393a67866

[woodruffw]

This is almost certainly a different bug. I don't believe Go's standard library uses OpenSSL.

[timdoug]

You’re right re: implementation —- I’m drawing a conclusion solely from the coordinated disclosure that it’s a similar crypto/TLS issue.

If the Go issues were distinct I’d imagine they’d choose a different day to disclose/release?

[woodruffw]

> If the Go issues were distinct I’d imagine they’d choose a different day to disclose/release?

I think it's just a funny coincidence. That's going based on what I know about the OpenSSL one; I don't know anything about the Go one. We'll find out!

[komuW]

it's unrelated; https://news.ycombinator.com/item?id=33382369

[speedgoose]

Indeed, it doesn’t sound like a coincidence.