OpenSSL gap in ASN1 parser

OpenSSL has recently released a new version of its SSL certificate processing programs to fix a vulnerability in the OpenSSL ASN1 parser.

The sshd server itself was not affected, but software that parsed public RSA keys or X.509 client certificates, e.g. for logon purposes, was. The recent OpenSSL versions 1.0.1a, 1.0.0i and 0.9.8v fix this so-called “ASN1 BIO” vulnerability.

CAcert upgraded its installation within 24 hours after the fix was delivered, to maintain the stability and availability of its public services.

