Eight Security Vulnerabilities Patched by OpenSSL Project

35

OpenSSL has been updated to new versions as its maintainer repaired a set of eight security glitches, most of them graded with low severity.

The risks they pose range from denial-of-service attacks, changing the fingerprint certificate, client authorization without verification message for a DH (Diffie-Hellman) certificate, client accepting the use of a temporary RSA or a handshake that leads to removing the forward secrecy from the ciphersuite.

Moderate severity flaws get fixed

Two of the … (read more)

Read more at Softpedia News