December 11, 2009

SUSE Linux Security Announcement 2009:057: openssl

The TLS/SSLv3 protocol as implemented in openssl prior to this update¬â was not able to associate already sent data to a renegotiated connection.¬â This allowed man-in-the-middle attackers to inject HTTP requests in a¬â HTTPS session without being noticed...

Read More¬â 

Click Here!