Flaws found in OpenSSL encryption module

Friday, 30 November 2007, 11:57 AM EST

The Open Source Software Institute has released a patch and a workaround for problems found in the OpenSSL library of encryption algorithms.

The module gave federal users an open-source option for Secure Sockets Layer virtual private networks when it was certified to Federal Information Processing Standard (FIPS) 140-2 under the federal Cryptographic Module Validation Programs (CMVP). Agencies are required to use FIPS-certified cryptographic products to protect sensitive but unclassified data on non-national-security networks. The patches present a dilemma for federal users of the software.

At GCN.

[ Read more ]




Spotlight

Whitepaper: Zero Trust approach to network security

Posted on 20 November 2014.  |  Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Nov 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //