home.social

#theskyisnotfalling — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #theskyisnotfalling, aggregated by home.social.

  1. aegilops @aegilops ·

    The long awaited OpenSSL vulns are out, and for both...

    "this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer."

    Either way you would already have problems, because you trust an untrustworthy CA, or you don't validate certs.

    openssl.org/news/vulnerabiliti

    #defcon0 #standdown #theskyisnotfalling #openssl #x509