-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on Oct 30, 2022
British security researcher Kevin Beaumont has played down the hype over a recent announcement about a critical flaw in the open-source cryptographic library OpenSSL from Red Hat Linux. The advisory is due on 1 November.
Mark Cox, vice-president of security at the Apache Software Foundation, tweeted on 26 October that an OpenSSL 3.0.7 update would fix a critical CVE due to be announced on 1 November, adding that it did not affect versions before 3.0.
This led to American tech site ZDNet putting the hype machine in overdrive, with Steven Vaughan-Nicholls penning an article where the standfirst read: "We don't have the details yet, but we can safely say that come Nov. 1, everyone - and I mean everyone – will need to patch OpenSSL 3.x."
Read on
-- Response ended
-- Page fetched on Sat Jun 1 07:16:47 2024