Bleeping Computer

OpenSSL fixes severe DoS, certificate validation vulnerabilities

Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 lurking in OpenSSL products. OpenSSL is a commonly used software library for ...

OpenSSL 4.0 encrypts what TLS previously revealed

The crypto library removes legacy code, introduces ECH for better privacy, and prepares for post-quantum cryptography.
Threat Post

OpenSSL Past, Present and Future

Heartbleed made the world notice what kind of shape OpenSSL development was in from a financial and resources standpoint. In the year since, the project has been funded enough to hire full-time ...
ZDNet

OpenSSL dodges a security bullet

At first, it looked like the OpenSSL 3.x security bug was going to be truly awful. While it was feared to be a critical error that could lead to remote code execution ...