OpenSSL Affected By Four More Security Vulnerabilities

Articles & Reviews
News Archive
Forums
Premium
Categories

Computers GPUs / Graphics Cards Linux Gaming Memory Motherboards CPUs / Processors Software Storage Operating Systems Peripherals

OpenSSL Affected By Four More Security Vulnerabilities

Written by Michael Larabel in Free Software on 3 December 2015 at 11:25 AM EST. 13 Comments

The OpenSSL project made public today four new security advisories. Three of the issues are considered of moderate severity while one is low.

One issue is about BN_mod_exp producing incorrect results on xx86_64, a certificate verify crash with missing PSS parameter, X509_ATTRIBUTE memoryl eak, and the low issue is a race condition handling PSK identify hint.

New versions of OpenSSL 0.9.8 and 1.0.0 series are released, but these are anticipated to be the last security fixes to be released in those series. Users are encouraged to upgrade.

More details via the OpenSSL.org security advisory.

13 Comments

Inkscape 1.2 Open-Source Vector Graphics Program Released

Jemalloc 5.3 Released With Many Speed & Space Optimizations

PAPPL 1.2 Released With Full Localization Support, More IPP Features

OpenJPEG 2.5 Released With High Throughput JPEG 2000 Decoding (HTJ2K)

Dbus-Broker 30 Released For High Performance Linux Message Bus

About The Author

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.