Posts Tagged ‘OpenSSL’

Latest OpenSSL version is affected by a remote memory corruption flaw

Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido Vranken discovered a remote memory-corruption vulnerability in the recently released OpenSSL version 3.0.4. The library was released on June 21, 2022, and affects x64 systems with the AVX-512 instruction set. “OpenSSL version 3.0.4, released on June 21th 2022, is susceptible to remote memory […]

Leave a Comment

Serious Security: OpenSSL fixes “error conflation” bugs – how mixing up mistakes can lead to trouble

OpenSSL publishes updates Well, in case you missed it, the renowned OpenSSL cryptographic toolkit – a free and open source software product that we’re guessing is installed somewhere between one and three orders of magnitude more widely than Log4J – also published updates this week. OpenSSL 1.1.1m replaces 1.1.1l (those last characters are M-for-Mike and L-for-Lima), and OpenSSL 3.0.1 replaces 3.0.0. In case you […]

Leave a Comment

Big bad decryption bug in OpenSSL – but no cause for alarm

The bugs OpenSSL, as its name suggests, is mainly used by network software that uses the TLS protocol (transport layer security), formerly known as SSL (secure sockets layer), to protect data in transit. Although TLS has now replaced SSL, removing a huge number of cryptographic flaws along the way, many of the popular open source […]

Leave a Comment

Serious Security: OpenSSL fixes two high-severity crypto bugs

We’re sure you’ve heard of OpenSSL, and even if you aren’t a coder yourself, you’ve almost certainly used it. OpenSSL is one of the most popular open-source cryptography libraries out there, and lots of well-known products rely on it, especially on Linux, which doesn’t have a standard, built-in encryption toolkit of its own. Even on Windows […]

Leave a Comment

OpenSSL Project released 1.1.1k version to fix two High-severity flaws

Leave a Comment

The OpenSSL Project addressed three vulnerabilities

Leave a Comment