Discover and read the best of Twitter Threads about #OpenSSL

Most recents (3)

I have a question: Why was this not found before they put that code into a release? #OpenSSL
Explanation: The latest openssl vulns are in a parser function for punycode. this is a new function in openssl 3.x, so there's no "this is legacy baggage" excuse. They added this code fairly recently.
It is the most unsurprising thing that code to parse something like punycode can contain buffer overflows. This should be the default assumption for everyone writing code in C.
Read 6 tweets
Why don't we release CVE numbers with pre-announcements?

It would be very convenient to name tools and write docs and open issues in advance. The point of CVEs is to get everyone talking about the vuln with the same name, and we are all talking about it already. #OpenSSL
Alright, configured a pretty vanilla Fly.io VM with OpenSSL 3.0.6 to act as a lab. Should be fun. #OpenSSL
Read 12 tweets
¡OpenSSL 3.0 ha sido publicado!

Tras 3 años de trabajo de desarrollo, 17 versiones alfa, 2 versiones beta, más de 7.500 commits y contribuciones de más de 350 autores diferentes, ¡por fin ha sido publicado OpenSSL 3.0!

Abro hilo...
OpenSSL 3.0 pasa a la licencia Apache 2.0. Las antiguas licencias "duales" de OpenSSL y SSLeay siguen aplicándose a las versiones más antiguas (1.1.1 y anteriores)
Esta versión mayor no es totalmente compatible con la anterior. La mayoría de las aplicaciones que funcionaban con OpenSSL 1.1.1 seguirán funcionando sin cambios y simplemente tendrán que ser recompiladas (es posible que aparezcan avisos sobre el uso de APIs obsoletas).
Read 10 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!