Mozilla Firefox and Thunderbird 12 now available

OpenSSL reissues fix for ASN1 BIO vulnerability

Published: 2012-04-24. Last Updated: 2012-04-24 15:45:03 UTC
by Russ McRee (Version: 1)
0 comment(s)

OpenSSL has posted an updated advisory today indicating the fix for CVE-2012-2110 released on 19APR2012 was not sufficient to correct the ASN1 BIO vulnerability issue for OpenSSL version 0.9.8.

Please note that this latest issue only affects OpenSSL 0.9.8v.  OpenSSL 1.0.1a and 1.0.0i already contain a patch as released on the 19th sufficient to correct CVE-2012-2110.

Please upgrade to 0.9.8w.

 

 

Keywords: OpenSSL
0 comment(s)
ISC StormCast for Tuesday, April 24th 2012 http://isc.sans.edu/podcastdetail.html?id=2485

Comments


Diary Archives