Yeah, so the most recent #openssl #bug was caused by an #untested C #parser #function with #bufferoverflow https://twitter.com/hanno/status/1587775.. The #tweet is very #negative , but #automating only gets you so far. All it does is encourage people to switch off their brains. #openssl despite being super important is really under #funded .
Pretty crazy #openssl #heartbleed #security #patch #inbound that affects pretty much everything, including #tor https://xeiaso.net/blog/openssl-3.x-secv.. Jesus this will be bad. Tonnes of #embedded and #longterm #systems have zero possibility of #upgrading ...
Note to self, this #blog #article correctly #identified that my #server had no #openssl #installed and it needed to be #built from #source https://jameskiefer.com/posts/installing.. Then I could #rebuild #python with it enabled. Don't get that kind of #support on #stackoverflow .
Damn, quite a #serious #openssl #certificate #infiniteloop #security #advisory #bug https://www.openssl.org/news/secadv/2022.. Damn. Seems to affect everybody.
Ouch, a very simple #security #bug found in a #openssl parameter #comparison #function https://karpov2007.medium.com/everybody-..