OpenSSL fixes High Severity data-stealing bug – patch now!
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
7 memory mismanagements and a timing attack. We explain all the jargon bug terminology in plain English...
Microsoft's latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days
That bated-breath OpenSSL update is out! It's no longer rated CRITICAL, but we advise you to patch ASAP anyway. Here's why...
The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections. [...]
The OpenSSL project has rolled out fixes to contain two high-severity flaws in its widely used cryptography library that could result in a denial-of-service (DoS) and remote code execution
As everyone waits for news of a bug in OpenSSL, here's a reminder that other cryptographic code in your life may also need patching!
The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remote code execution under certain scenarios
The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems
Though severity up for debate, and limited chips affected, broken tests hold back previous patch from distribution The latest version of OpenSSL v3, a widely used open-source library for secure networking using the Transport Layer Security (TLS) protocol, contains a memory corruption vulnerability that imperils x64 systems with Intel's Advanced Vector Extensions 512 (AVX512).…
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch.
When it comes to writing loops in your code... never sit on the fence!
Bad data can throw vulnerable apps and services for an infinite loop A bug in OpenSSL certificate parsing leaves systems open to denial-of-service attacks from anyone wielding an explicit curve. …
The maintainers of OpenSSL have shipped patches to resolve a high-severity security flaw in its software library that could lead to a denial-of-service (DoS) condition when parsing certificates