26 Sep
2016
26 Sep
'16
7:44 a.m.
On Sep 26, 2016, at 6:51 AM, Matthew Newton <mcn4@leicester.ac.uk> wrote:
Just to add to the fun...
CVE-2016-6309 and CVE-2016-7052 https://www.openssl.org/news/secadv/20160926.txt
They missed a couple of patches from the releases last week, so there's more today. These can lead to a segfault or arbitrary code execution.
Ugh. I've pushed fixes. Alan DeKok.