MorphOS : : MorphOS 3.16 openssl3.library CVE-2022-0778 hotfix
Posted By: Piru. on 2022/3/15 19:50:24
A vulnerability has been identified and fixed in the OpenSSL 3.0.1 included in MorphOS 3.16. The vulnerability (CVE-2022-0778) allows malicious attackers to create TLS certificates that when connected to result in the client application hanging indefinitely.

A fixed openssl3.library (based on OpenSSL 3.0.2) will be released as the part of the future MorphOS 3.17 release. Meanwhile you can install the following replacement openssl3.library that fixes the problem for MorphOS 3.16:
https://morphos-team.net/files/openssl3.library

To install it, copy the file to MOSSYS:Libs and reboot.
 
  • Paladin of the Pegasos
    Paladin of the Pegasos
    NewSense
    Joined: 2012/11/10
    Posts: 1230
    From: Manchester, UK/GB
    @ Piru - thanks for keeping online access as safe as possible, you're invaluable for all that you do. 8-D
    MacMini 1.5GHz,10,2,64MB VRAM,1GB,Airport, Bluetooth,A1016 Keyboard,T-RB22 Mouse,DVD-RW-DL+CD-RW,Iomega MiniMax,Belkin 6 port 3 x Firewire/3 x, USB2, MorphOS 3.12, Mac OSX 10.4/10.5, A1138+A1139 PwrBk MOS v3.12,Model 5,8/5,9, & PowerMac G5 2.3GHz(DP)
  • »2022/3/18 18:34
    Profile