The Daily Dose

The OpenSSL project has just disclosed a devastating security flaw in the protocol that could expose the cryptographic keys and private communications from some of the most important sites and services on the Internet. If you’re running a server with OpenSSL 1.0.1 through 1.0.1f, it’s vital that you update to OpenSSL 1.0.1g immediately. Installations of OpenSSL prior to version 1.0.1 are unaffected by the bug, but OpenSSL 1.0.2-beta users will need to address it. Heartbleed.com has a detailed explanation of the issue, which is related to the “heartbeat” section of OpenSSL’s transport layer security (TSL) protocols and has been in the…

This story continues at The Next Web