/plushcap/analysis/cloudflare/new-openssl-vulnerabilities-cloudflare-systems-patch

New OpenSSL vulnerabilities: CloudFlare systems patched

What's this blog post about?

On June 5, 2014, the OpenSSL team announced seven vulnerabilities affecting all versions of OpenSSL (0.9.8, 1.0.0, 1.0.1, and 1.0.2). The most severe issue is a potential on-path attack known as CCS Injection (CVE-2014-0224), with more technical details provided by Google's Adam Langley and the original problem reporter. CloudFlare has patched its servers, protecting customers from these vulnerabilities. Users of OpenSSL are advised to upgrade their software or server as soon as possible, as new versions have been released by the OpenSSL team.

Company
Cloudflare

Date published
June 5, 2014

Author(s)
John Graham-Cumming

Word count
110

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.