Critical Vulnerability Patched in Roundcube Webmail

Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts. Continue reading Critical Vulnerability Patched in Roundcube Webmail

VeraCrypt Patches Critical Vulnerabilities Uncovered in Audit

An audit of open source file and disk encryption software VeraCrypt wrapped up and a number of critical vulnerabilities uncovered in the assessment were patched. Continue reading VeraCrypt Patches Critical Vulnerabilities Uncovered in Audit

OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

OpenSSL patched a high-severity vulnerability in its deployment on the Online Certificate Status Protocol, and also mitigated the SWEET32 attack. Continue reading OpenSSL Patches High-Severity OCSP Bug, Mitigates SWEET32 Attack

Patched libarchive Vulnerabilities Have Big Reach

Libarchive was patched against three memory-related vulnerabilities, putting pressure on admins to ensure third-party software that also uses the library is patched. Continue reading Patched libarchive Vulnerabilities Have Big Reach