Over-Hyped OpenSSL Vulnerability November 2022

Channel:

United Kingdom

Subscribers:

54,700

Published on November 2, 2022 9:42:58 PM ● Video Link: https://www.youtube.com/watch?v=kEkRyf8447o

Duration: 7:55

4,441 views

161

There was an announcement that OpenSSL 3.0.7 was due to be released on 1st November 2022 and that it would contain a security-fix rated at Critical.
This was subsequently over-hyped by the Infosec community, and the vulnerability was downgraded to High prior to the patch release.

Users of OpenSSL 3.0.0 to 3.0.6 should apply updates at your convenience.
The vulnerability does not affect older releases of OpenSSL.

Vulnerabilities Patched:
X.509 Email Address 4-byte Buffer Overflow (CVE-2022-3602)
X.509 Email Address Variable Length Buffer Overflow (CVE-2022-3786)

Sources:
https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html
https://www.cisa.gov/uscert/ncas/alerts/TA14-098A
https://www.globalsign.com/en/blog/urgent-patch-openssl-november-1-avoid-critical-security-vulnerability
https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/new-openssl-v3-vulnerability-prepare-with-microsoft-defender-for/ba-p/3666487
https://isc.sans.edu/forums/diary/Upcoming Critical OpenSSL Vulnerability What will be Affected/29192
https://www.openssl.org/news/secadv/20221101.txt
https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/

Like my channel? Please help support it:
Paypal: https://www.paypal.me/quidsup

Follow me on Social Media
Twitter: https://twitter.com/quidsup
MeWe: https://mewe.com/i/quidsup
Minds: https://minds.com/quidsup

#OpenSSL
#CyberSecurity
#OverHyped
#QuidsupLinux

Other Videos By quidsup

2022-11-02	Over-Hyped OpenSSL Vulnerability November 2022
2022-10-16	Volla Phone 22 – DeGoogled Android Phone
2022-02-06	Peppermint OS Review 2022.02
2022-01-13	How to get Terminal Autocomplete Working in Ubuntu
2021-12-29	LaTex Tutorial - Algorithms revisited - Switch statement
2021-12-21	NoTrack Install Guide
2021-12-06	Initial Look at Odroid HC4 - ARM Based NAS
2021-11-27	How To Minify / Optimize SVG Files By Hand
2021-11-19	Where Sudo Incidents End Up
2021-11-10	Streets of Rage X - Fan made game
2021-10-23	Ubuntu 21.10, ITIL Exam Passed, and NoTrack 21.10 Released
2021-10-03	Gaming in Linux – SuperTuxKart 1.3
2021-09-26	Hello Again
2021-06-27	Upgrading Ubuntu From A New User Perspective
2021-06-16	Looking at Brave Search Engine
2021-06-08	Inkscape Tutorial: Image Tracing
2021-06-05	ImageMagick Animation Tutorial
2021-05-28	The End of Glimpse Image Editor (The Non-Problematic Fork of GIMP)
2021-05-20	Bodhi Linux 6.0.0 Review - Lightweight But Not Sparse
2021-04-28	Looking at All the Official Ubuntu 21.04 Distributions
2021-04-21	Can Linux Offer More Security In A WFH World

Tags:

CyberSecurity

OpenSSL

OpenSource

News

Linux

Windows

QuidsupLinux

Recent Activity

Channel	Latest
Waleczny Bigos	6 hours ago
rynogt4	6 hours ago
Joe, The Alternative Gamer	6 hours ago
Pittsbersk Gaming	6 hours ago
Rasplin	6 hours ago
ArtizzzMlbb	6 hours ago
Bumpy McSquigums	6 hours ago
Blanc IT	7 hours ago
Daenerys & Mama	7 hours ago
guilhermeoss	7 hours ago
Ilyasflamecars	7 hours ago
Smokers 97	7 hours ago
EricVanWilderman	7 hours ago
GamePhantom	7 hours ago
UdinMauluddin	7 hours ago
krisfire98	7 hours ago
Dabuin	7 hours ago
Dave Gaming	7 hours ago
ProbIems	7 hours ago
Heringway	7 hours ago
The Game Archivist	7 hours ago
Keith Ballard	7 hours ago
off chat MLBB	7 hours ago
Niks Playz	7 hours ago
Atas Gudang	7 hours ago