back to article OpenSSL swats a dozen bugs, one notable nasty

A dozen flaws have been patched in OpenSSL, including one high severity hole that allows denial of service attacks. The OpenSSL Project pushed patches in versions 1.1.0a, 1.0.2i and 1.0.1u, with most of the flaws flagged as low severity risks. The nastiest vulnerability (CVE-2016-6304) results when attackers issue a massive …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Tomato42
    Boffin

    openssl-0.9.8zh is also vulnerable but patches won't be made for it

    1 0 Reply
  2. Benchops

    CVE-2016-6304 ?

    It's not snappy and there's no logo. No-one's going to want to exploit that.

    7 0 Reply
  3. Arthur the cat Silver badge

    It's a real shame we can't just take OpenSSL outside and shoot it. Sometimes legacies are not good to have.

    1 0 Reply
  4. m4r35n357

    What makes you think we can't? http://www.libressl.org/

    4 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020

Do not sell my personal information Cookies Privacy Ts&Cs