Vulnerability in OpenSSL - Use After Free following d2i_ECPrivatekey error

Use After Free following d2iECPrivatekey error. A malformed EC private key file consumed via the d2iECPrivateKey function could cause a use after free condition. This, in turn, could cause a double free in several private key parsing functions such as d2iPrivateKey or EVPPKCS82PKEY and could lead...

Google Announces its BoringSSL OpenSSL Fork

In the year-plus since surveillance, privacy and Snowden became part of the daily security conversation, technologies that safeguard online communication and commerce have become Job 1 for experts anxious to plug gaping flaws and shore up other usability deficiencies. OpenSSL is probably at the t...

Google Unveils BoringSSL, Another Flavor of OpenSSL

The open source encryption protocol, OpenSSL, which is used by several social networks, search engines, banks and other websites to enable secure connections while transmitting data, came to everybody's attention following the Heartbleed vulnerability, a critical bug in the OpenSSL's implementati...