MorphOS : : MorphOS 3.16 openssl3.library CVE-2022-0778 hotfix
Posted By: Piru. on 2022/3/15 19:50:24
A vulnerability has been identified and fixed in the OpenSSL 3.0.1 included in MorphOS 3.16. The vulnerability (CVE-2022-0778) allows malicious attackers to create TLS certificates that when connected to result in the client application hanging indefinitely.

A fixed openssl3.library (based on OpenSSL 3.0.2) will be released as the part of the future MorphOS 3.17 release. Meanwhile you can install the following replacement openssl3.library that fixes the problem for MorphOS 3.16:
https://morphos-team.net/files/openssl3.library

To install it, copy the file to MOSSYS:Libs and reboot.
 
  • Paladin of the Pegasos
    Paladin of the Pegasos
    NewSense
    Joined: 2012/11/10
    Posts: 1476
    From: Manchester, UK/GB
    @ Piru - thanks for keeping online access as safe as possible, you're invaluable for all that you do. 8-D
    MacMini 1.5GHz,64MB VRAM, PowerBooks A1138/9 (Model 5,8/9),PowerMac G5 2.3GHz(DP), iMac A1145 2.1GHz 20", all with MorphOS v3.18+,Airport,Bluetooth,A1016 Keyboard,T-RB22 Mouse,DVD-RW-DL,MiniMax,Firewire/USB2 & MacOSX 10.4/5
  • »2022/3/18 18:34
    Profile