OpenSSL Releases Patch For “High” Severity Vulnerability

November 10th, 2016
by The Feeder

As announced on Tuesday, the OpenSSL project team released OpenSSL version 1.1.0c that addresses three security vulnerabilities in its software.

The most serious of all is a heap-based buffer overflow bug (CVE-2016-7054) related to Transport Layer Security (TLS) connections using *-CHACHA20-POLY1305 cipher suites.

The vulnerability, reported by Robert Święcki of the Google Security Team on

Posted in ddos attack, dos attack, OpenSSL, OpenSSL vulnerability, secure communication, SSL Certificate, SSL encryption, website security | Comments (0)