OpenSSL Affected By Four More Security Vulnerabilities
Written by Michael Larabel in Free Software on 3 December 2015 at 11:25 AM EST. 13 Comments
FREE SOFTWARE --
The OpenSSL project made public today four new security advisories. Three of the issues are considered of moderate severity while one is low.

One issue is about BN_mod_exp producing incorrect results on xx86_64, a certificate verify crash with missing PSS parameter, X509_ATTRIBUTE memoryl eak, and the low issue is a race condition handling PSK identify hint.

New versions of OpenSSL 0.9.8 and 1.0.0 series are released, but these are anticipated to be the last security fixes to be released in those series. Users are encouraged to upgrade.

More details via the OpenSSL.org security advisory.
13 Comments
Related News
POCL 1.5-RC1 Released As The Portable OpenCL Implementation For CPUs + Other Targets
Apache Software Foundation Celebrates Its 21st Birthday
Jcat 0.1 Released As Alternative To Microsoft Catalog Files
BlueZ 5.54 Linux Bluetooth Stack Released With Just-Works Repairing Policy, EATT Support
Memcached 1.6 Released With Enhanced Performance For This Memory Caching System
Blender 2.83 To Be An LTS Release, Blender 3.0 Next Summer
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week
It's Official But Sad: TrueOS Is Over As Once The Best Desktop BSD OS
RHEL9 Likely To Drop Older x86_64 CPUs, Fedora Can Better Prepare With "Enterprise Linux Next"
Some Of The Features To Look Forward To With Linux 5.7
The Best Features Of The Linux 5.6 Kernel From WireGuard To Y2038 Compatibility To USB4
VirtIO Video Driver Coming Together For The Mainline Linux Kernel
AMD Developers Looking At GNU C Library Platform Optimizations For Zen
Mesa's Continuous Integration To Begin Seeing Testing Coverage For Wine / DXVK
Linux 5.6 Ships With Broken Intel WiFi Driver After Network Security Fixes Go Awry