Ubuntu Security Notice 830-1: OpenSSL Vulnerability

Article Source Ubuntu Security Notices
September 14, 2009, 11:10 am

Dan Kaminsky discovered OpenSSL would still accept certificates with MD2 hash signatures. As a result, an attacker could potentially create a malicious trusted certificate to impersonate another site. This update handles this issue by completely disabling MD2 for certificate validation…

Read More