Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: OpenSSL Security Update - SANS Internet Storm Center SANS ISC InfoSec Forums

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
OpenSSL Security Update

OpenSSL has issued a security update for the CMS and S/MIME Bleichenbacher attack (CVE-2012-0884). "SSL/TLS applications are *NOT* affected by this problem since the SSL/TLS code does not use the PKCS#7 or CMS decryption code." [1]

OpenSSL 0.9.8u and OpenSSL 1.0.0h are available for download here.



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu


417 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!