Some OpenSSL versions suffered serious leak – Update

Jul

8

2015

The OpenSSL developers spend Thursday a new version of their software, which requires to fix a serious security problem. Especially servers use OpenSSL to provide SSL / TLS connections.

Lack ssl The developers are not yet known to what exactly the problem is. They report , however, that the leak has been classified as ‘serious’. This means that the chance that attackers exploit it. The next 1.0.2d- and 1.0.1p releases fix the leak, which has affected all versions except 1.0.0 and 0.9.8.

Servers often use OpenSSL to provide SSL and TLS connections. Also, some browsers and operating systems to end users such as Linux distributions, use the SSL library. Google used OpenSSL to last year Chrome OS and Android, but eventually made its own implementation of the software.

The OpenSSL Project is a turbulent time behind us. Last year took the so-called Heart Bleed bug causes a portion of the internal memory of servers and clients was read out by OpenSSL. The bug unleashed a storm of criticism on OpenSSL, which would be poorly maintained. Later turned OpenSSL least still contain a serious leak.

Update, 20:25 am – 1.0.2d- and 1.0.1p releases fix the leak right, instead of what was written earlier. The article has been adjusted accordingly.

In: Technology & Gadgets Asked By: [18748 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »


Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]