If you’re totally bored this Friday then there’s something to wake up all #infosec folks - a series of new vulnerabilities in #OpenSSL has just landed, including one high-severity. While it’s described as ‘remote-code execution’ kind of fortunately it applies to a stored digital signature format (CMS) which is used in digitally signed PDF and S/MIME but not in any transport security protocols.
https://openssl-library.org/news/vulnerabilities/index.html
https://openssl-library.org/news/vulnerabilities/index.html