AnsweredAssumed Answered

New OpenSSL high vulnerability: Alternative chains certificate forgery (CVE-2015-1793)

Question asked by j-mailor on Jul 10, 2015
Latest reply on Jul 10, 2015 by Ivan Ristić

According to release notes: https://www.openssl.org/news/secadv_20150709.txt there was new high severity vulnerability found in OpenSSL. The lucky this time is it only effects the latest fix levels versions:

- 1.0.2 series: only 1.0.2b and 1.0.2c

- 1.0.1 series: only 1.0.1n and 1.0.1o

- 1.0.0 series: not vulnerable

- 0.9.8 series: not vulnerable

 

Can we expect test on SSLLabs about this vulnerability?

Outcomes