[HN Gopher] OpenSSL Security Advisory [5 July 2022] ___________________________________________________________________ OpenSSL Security Advisory [5 July 2022] Author : arkadiyt Score : 18 points Date : 2022-07-05 21:08 UTC (1 hours ago) (HTM) web link (www.openssl.org) (TXT) w3m dump (www.openssl.org) | NateLawson wrote: | Here's a good summary of the flaw: | | https://guidovranken.com/2022/06/27/notes-on-openssl-remote-... | | Note that the bug is only in 3.0.4, which was released June 21, | 2022. So if you didn't update to this version, it's unlikely | you're vulnerable. | smegsicle wrote: | i heard everyone is calling it AVXECUTIONER | | > Note that on a vulnerable machine, proper testing of OpenSSL | would fail and should be noticed before deployment. | | so is 'proper testing' included in the default build script or..? | cperciva wrote: | I don't know if it's in the default build script, but it | doesn't really matter -- most people install precompiled | binaries. | [deleted] ___________________________________________________________________ (page generated 2022-07-05 23:00 UTC)