OpenSSL fixes severe DoS, certificate validation vulnerabilities
Today, the OpenSSL project has issued an advisory for two high-severity vulnerabilities CVE-2021-3449 and CVE-2021-3450 lurking in OpenSSL products. OpenSSL is a commonly used software library for building networking applications and servers that need to establish secure communications. These flaws include: CVE-2021-3449: A Denial of Service (DoS) flaw due to NULL pointer dereferencing which only impacts OpenSSL server instances, not the clients. CVE-2021-3450: An improper Certificate Authority…