In association with heise online

« previous | next »
You can send this piece of news from The H as an email:

You can specify up to 5 recipients, separated by commas.

Passphrase Bitte Grafik laden

Your personal data will only be used to deliver this mail. The data will not be used for any other purposes.

OpenSSL fixes DoS bug in recent bug fix

SSL icon The OpenSSL developers have released versions 1.0.0g and 0.9.8t to address a denial of service issue introduced by one of the six fixes included in the version they released earlier this month. The problem was created by the fix for a critical vulnerability in the CBC ("Cipher block chaining") encryption mode which enabled plaintext recovery of OpenSSL's implementation of DTLS (Datagram TLS).

Accordingly, the advisory notes that the DoS flaw only affects users using DTLS applications that use OpenSSL 1.0.0f and 0.9.8s. The developers credit Antonio Martin of Cisco Systems for discovering the bug and preparing the fix for it. Source code for the corrected versions is available to download.

(djwm)

The H Open Headlines
    • May's Community Calendar

            Price Insight Top 10 powered by Skinflint

            1. Samsung SSD 840 Pro Series 256GB
            2. Samsung SSD 840 Series 250GB
            3. HTC One 32GB schwarz
            4. Samsung Galaxy S4 i9505 16GB schwarz
            5. Intel Core i5-3570K
            6. Seagate Desktop HDD.15 4000GB
            7. Western Digital Red 3000GB
            8. Samsung SSD 840 Series 120GB
            9. HTC One 32GB silber
            10. Samsung Galaxy S3 i9300 16GB blau

            The H

            The H Open

            The H Security

            The H Developer

            The H Internet Toolkit