[HN Gopher] OpenSSL Security Advisory [5 July 2022]
___________________________________________________________________
 
OpenSSL Security Advisory [5 July 2022]
 
Author : arkadiyt
Score  : 18 points
Date   : 2022-07-05 21:08 UTC (1 hours ago)
 

web link (www.openssl.org)

w3m dump (www.openssl.org)

 
| NateLawson wrote:
| Here's a good summary of the flaw:
| 
| https://guidovranken.com/2022/06/27/notes-on-openssl-remote-...
| 
| Note that the bug is only in 3.0.4, which was released June 21,
| 2022. So if you didn't update to this version, it's unlikely
| you're vulnerable.
 
| smegsicle wrote:
| i heard everyone is calling it AVXECUTIONER
| 
| > Note that on a vulnerable machine, proper testing of OpenSSL
| would fail and should be noticed before deployment.
| 
| so is 'proper testing' included in the default build script or..?
 
  | cperciva wrote:
  | I don't know if it's in the default build script, but it
  | doesn't really matter -- most people install precompiled
  | binaries.
 
| [deleted]
 
___________________________________________________________________
(page generated 2022-07-05 23:00 UTC)