Blog
OpenSSL Issues Fix for High-Severity Alternative Chains Certificate Forgery (CVE-2015-1793)
By David Bisson on Thu, 07/09/2015
OpenSSL has released an advisory urging users to update their systems in the wake of a high-severity alternative chains certificate forgery bug.
"During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails," the advisory...