Google landed randomized #TLS #ClientHello extensions in #Chrome 110 to help stave off protocol ossification.
https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/CCl6Y2qLBAAJ
Mozilla will follow:
https://hg.mozilla.org/projects/nss/rev/27164e3fc3a12bd2555aec1ff43dddd8cd355dd3
Here's what this looks like in Chrome - note that this implies different TLS fingerprints (see #JA3):
#ja3 #Chrome #ClientHello #tls
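The effect on JA3 noted in the post above, as an added example that is not part of the original post: JA3 hashes the extension IDs in wire order, so a permuted ClientHello from the same client produces a different hash per connection, while sorting the IDs before hashing keeps it stable. The field values are constructed, the uniform shuffle is a simplification of the browser's permutation, and `ja3_sorted` and `simulate` are hypothetical helper names.

```python
import hashlib
import random

# GREASE code points (RFC 8701): 0x0a0a, 0x1a1a, ... 0xfafa. JA3 ignores them.
GREASE = {0x0A0A + 0x1010 * i for i in range(16)}

# Constructed sample ClientHello fields (not captured from a real browser).
VERSION = 771  # 0x0303
CIPHERS = [0x1A1A, 4865, 4866, 4867, 49195, 49199]
EXTENSIONS = [0, 23, 65281, 10, 11, 35, 16, 5, 13, 18, 51, 45, 43, 27, 21]
CURVES = [0x2A2A, 29, 23, 24]
POINT_FORMATS = [0]


def ja3(version, ciphers, extensions, curves, point_formats):
    """JA3: MD5 of 'version,ciphers,extensions,curves,formats' in wire order."""
    def join(values):
        return "-".join(str(v) for v in values if v not in GREASE)
    text = ",".join([str(version), join(ciphers), join(extensions),
                     join(curves), join(point_formats)])
    return hashlib.md5(text.encode()).hexdigest()


def ja3_sorted(version, ciphers, extensions, curves, point_formats):
    """Hypothetical order-insensitive variant: sort extension IDs first."""
    return ja3(version, ciphers, sorted(extensions), curves, point_formats)


def simulate(connections, seed=0):
    """Shuffle the extension list per connection; count distinct hashes."""
    rng = random.Random(seed)
    raw, normalized = set(), set()
    for _ in range(connections):
        exts = EXTENSIONS[:]
        rng.shuffle(exts)  # simplification of the browser's permutation
        raw.add(ja3(VERSION, CIPHERS, exts, CURVES, POINT_FORMATS))
        normalized.add(ja3_sorted(VERSION, CIPHERS, exts, CURVES, POINT_FORMATS))
    return len(raw), len(normalized)


if __name__ == "__main__":
    raw, normalized = simulate(50)
    print(f"50 connections: {raw} distinct JA3, {normalized} distinct sorted")
```

Detection rules or allowlists keyed on a single JA3 value for such a client stop matching once the order is randomized; the sorted form still identifies the same set of offered extensions.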
#OpenSSL: two vulnerabilities brought to light… updating to the patched version 1.1.1k is strongly recommended!
#openssl #securite #miseajour #certification #ClientHello
#CyberSecurity
> Major changes between #OpenSSL 1.1.1j and #OpenSSL 1.1.1k [25 Mar 2021]
> - Fixed a problem with verifying a certificate chain when using the #X509_V_FLAG_X509_STRICT flag (#CVE-2021-3450)
> - Fixed an issue where an #OpenSSL #TLS server may #crash if sent a maliciously crafted renegotiation #ClientHello message from a client (#CVE-2021-3449)
https://www.openssl.org/news/openssl-1.1.1-notes.html
#ClientHello #crash #tls #cve #X509_V_FLAG_X509_STRICT #openssl #cybersecurity