OpenSSL fixes DoS bug in recent bug fix

The OpenSSL developers have released versions 1.0.0g and 0.9.8t to address a denial of service issue introduced by one of the six fixes included in the version they released earlier this month. The problem was created by the fix for a critical vulnerability in the CBC (“Cipher block chaining”) encryption mode which enabled plaintext recovery of OpenSSL’s implementation of DTLS (Datagram TLS).

Read more at H-online

Comments are closed.