Closed Bug 1175816 Opened 9 years ago Closed 9 years ago

LogJam with TLS authentication (OpenSSL)

Categories

(Thunderbird :: Security, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: grzegorz.szyszlo, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0
Build ID: 20150525141253

Steps to reproduce:
Looked at the page https://weakdh.org/. It depends on OpenSSL TLS authentication. A man in the middle can cause cryptography with fewer bits to be selected in the DH key exchange phase.

Actual results:
Less cryptography. Captured connection data is much easier to decrypt by brute force.

Expected results:
A simpler crypto algorithm is used, see the web page https://weakdh.org/. This is a common problem for everything using explicit SSL cryptography, including the Apache web server and the Firefox web browser. It occurs in Thunderbird too. To force a successful attack, both sides of the connection must be affected.

Group: core-security
Hi, thanks for reporting the bug. Firefox uses NSS instead of OpenSSL. I believe Thunderbird is the same. Bug 1138554 fixed Logjam for NSS, and the in tree copies of NSS were updated in Bug 1166031. => AFAICT this is invalid. If I'm missing something and somewhere within Firefox or Thunderbird a vulnerable OpenSSL version is still used, please feel free to re-open.
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Resolution: --- → INVALID