More
OpenSSL Patches Security Vulnerabilities

OpenSSL Patches Security Vulnerabilities

09-01-2015 12:28:49

OpenSSL released four patches for new security vulnerabilities found in OpenSSL versions 1.0.1 and 0.9.8. These patches fix a total of eight vulnerabilities, two of which are rated moderate and the others are considered low risk.

Both of the moderate vulnerabilities affect DTLS users and could lead to a Denial of Service attack. In the first vulnerability, sends a crafted DTLS message will cause a segmentation faul. In the second a memory leak can occur in the dtls1_buffer_record function .

The rest of the vulnerabilities are rated as a low risk.

What should you do?

OpenSSL users should patch their systems, particularly systems using DTLS. Source code is available for the OpenSSL patches you find here https://www.openssl.org/source/

Recent Posts

Comodo is now Sectigo
09-11-2018 12:54:30

According to previous announcements, a year after the acquisition of Comodo Group by Francisco Partners, on November 1 Comodo CA announced that from now on it is changing its brand to Sectigo [pronounced. sec-tee-go]. The goal of rebranding is consistency in company communication and better dedication to what Comodo is doing now.

Comodo is now Sectigo
European Cyber Security Month 2018
27-09-2018 10:46:21

The European Union Agency for Network and Information Security (ENISA), which is the center of knowledge about cyber security in Europe, organizes as every year in October the European Cyber Security Month. The campaign is starting in a few days. What is its purpose and how can you participate in it?

European Cyber Security Month 2018
GDPR and SSL certificate. Is encryption necessary for compliance with the GDPR?
18-05-2018 15:47:40

General Data Protection Regulation (GDPR) is a 99-article regulation meant to protect the private data of Europeans in IT systems. Announced in 2016, covers a broad variety of topics and will go into effect as a requirement on May 25, 2018. GDPR applies to any company doing business in Europe even if it is located elsewhere.

GDPR and SSL certificate. Is encryption necessary for compliance with the GDPR?
more posts