The OpenSSL project has reported fixes for several vulnerabilities, at least one of them serious. The most significant vulnerability is SSL/TLS MITM vulnerability (CVE-2014-0224). Unlike Heartbleed, ...

Websites and companies that rely on OpenSSL should patch their systems as soon as possible. The developer of Open SSL, a widely used open-source encryption library, released Tuesday a patch to fix two ...

Just two months after the Heartbleed Bug scare, the open-source group for OpenSSL today warned of a new set of vulnerabilities discovered in the protocol that could let an attacker carry out ...

The maintainers of the OpenSSL library, one of the more widely deployed cryptographic libraries on the Web, have fixed a serious vulnerability that could have resulted in the revelation of 64 KB of ...

New security holes are always showing up. The latest one, the so-called Heartbleed Bug in the OpenSSL cryptographic library, is an especially bad one. While Heartbleed only affects OpenSSL's 1.0.1 and ...

The two vulnerabilities in OpenSSL 3.0 are now rated as high rather than critical severity after further testing. The OpenSSL project released a patch for two high severity vulnerabilities in the ...

Server administrators are advised to upgrade OpenSSL again to fix eight new vulnerabilities, two of which can lead to denial-of-service (DoS) attacks. The flaws are only of moderate and low severity, ...

The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections. The vulnerabilities ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...

The OpenSSL project team has patched two vulnerabilities in the cryptographic library and enhanced the strength of existing cryptography used by OpenSSL versions 1.0.1 and 1.0.2. OpenSSL 1.0.2 users ...

A newly discovered vulnerability that allows spying on encrypted SSL/TLS communications has been identified and fixed in the widely used OpenSSL library. The vulnerability, which is being tracked as ...