OpenSSL Security Fixes
Posted on 2021-03-29: https://twitter.com/filosottile/status/1375087988598792193
By @filosottile on twitter:
OpenSSL security fixes dropped.
CVE-2021-3450 is a complete certificate verification bypass in niche non-standard configurations.
CVE-2021-3449 is a NULL pointer dereference crash in default server configurations.
Wow those are some crazy bugs. Love the NULL pointer dereference in 2021 :)