Jeff Moss on Nostr: On top of being Patch Tuesday it is also update #OpenSSL day. "OpenSSL 3.4.1 is a ...
On top of being Patch Tuesday it is also update #OpenSSL day.
"OpenSSL 3.4.1 is a security patch release. The most severe CVE fixed in this release is HIGH.
- Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. (CVE-2024-12797)
- Fixed timing side-channel in ECDSA signature computation. (CVE-2024-13176)"
"OpenSSL 3.4.1 is a security patch release. The most severe CVE fixed in this release is HIGH.
- Fixed RFC7250 handshakes with unauthenticated servers don't abort as expected. (CVE-2024-12797)
- Fixed timing side-channel in ECDSA signature computation. (CVE-2024-13176)"