Archive

OpenSSL Fixes Serious Issue That Could Lead to Memory Disclosure

New versions of OpenSSL fix several vulnerabilities, including one high-severity bug that could lead to memory disclosure.

OpenSSL 3.0.7 Fixes Two Buffer Overflows

OpenSSL 3.0.7 fixes two high-risk buffer overflows in Punycode decoding (CVE-2022-3786 and CVE-2022-3602), one of which can lead to remote code execution.

OpenSSL to Fix Critical Flaw

OpenSSL will patch a critical security flaw in version 3.0.x on Nov.1, though details of the bug are still private.

Remote Memory Corruption Bug Found in OpenSSL 3.0.4

A remotely exploitable memory corruption bug has been identified in OpenSSL 3.0.4 on x64 systems with the AVX512 instruction set.

OpenSSL Fixes High-Severity Bug

OpenSSL has fixed a high-risk denial-of-service vulnerability in several versions of the software.