[nycphp-talk] OpenSSL Patches
Tim Gales
tgales at tgaconnect.com
Wed Oct 1 16:26:49 EDT 2003
There is a new patch available for OpenSSL (versions 0.9.7c
and 0.9.6k.)
It turns out under the SSL/TLS parser is vulnerable to a
specially crafted malicious security certificate (X.509)
which could cause it to crash .
This means you would have no way to connect via secure
sockets. The sky is definitely not falling here (my opinion)
but you might want to read about it.
http://www.kb.cert.org/vuls/id/935264
T. Gales & Associates
Helping People Connect with Technology
http://www.tgaconnect.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20031001/13987929/attachment.html>
More information about the talk
mailing list