Wednesday, 18 March 2015

OpenSSL team warns of major vulnerability

The team behind the popular OpenSSL cryptographic library has warned of an impending patch, due for release this Thursday, which fixes an as-yet unreleased serious security vulnerability.

The OpenSSL project hit headlines in April last year when details of the 
Heartbleed vulnerability numerous versions found to be vulnerable to a serious flaw that was proven to allow a remote attacker to discover the private key from within the memory of the server without leaving a single trace...Details of the new vulnerability are being kept private until the patched builds are released, to prevent widespread attacks.