The OpenSSL project team today patched two vulnerabilities in the crypto library, one of which is rated high severity.
Tag Archives: OpenSSL patch
OpenSSL Patches Critical Certificate Validation Vulnerability
A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.
OpenSSL Mystery Patch is No Heartbleed
The anticipated high severity patch in OpenSSL is for a denial-of-service vulnerability in the recently released version 1.0.2 that can crash a client or server with a malformed certificate.