OpenSSL’s most recent update introduced a critical vulnerability in the crypto library, forcing an emergency update today.

The OpenSSL project team today patched two vulnerabilities in the crypto library, one of which is rated high severity and exposes many popular applications to attack. The patches are in new releases of OpenSSL, 1.0.1r and 1.0.2f, along with an enhancement to the strength of the cryptography in a previous mitigation for last year’s Logjam...

OpenSSL is scheduled to update two versions of the software this week, patching a pair of vulnerabilities in the process. The OpenSSL project this morning said the updates will move users to versions 1.0.2f and 1.0.1r and should be available Thursday between 8 a.m. and noon Eastern time. “They will fix two security defects, one of...