News

OpenSSL Releases Patch This Week For High-Risk Vulnerability

By admin
Spread the love

The project team behind OpenSSL is patching two vulnerabilities this week, including one in the “high” category in terms of vulnerability severity. This is a level below ‘critical’. It is not yet clear which vulnerabilities are involved.

The versions that should fix the vulnerabilities are 1.0.2f and 1.0.1r, which will be available on Thursday. No additional details are known, only that it concerns two vulnerabilities with the assessment ‘high’ and ‘low’. OpenSSL uses four levels to estimate the severity of a vulnerability, with ‘low’ being the lowest level and ‘critical’ the highest level. It is therefore recommended to perform an update if the patch is available.

OpenSSL hit the headlines in April 2014 because of the critical Heartbleed bug, which made it possible to read out the internal memory of a web server. Vulnerabilities in OpenSSL often have a major impact. For example, the software is found on more than 98 percent of all Debian machines, which is a Linux version that is popular for use on servers. These use OpenSSL to offer secure SSL and TLS connections. Google has been using a fork of the software called BoringSSL since 2014.

You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support