Joined: 03 Mar 2002
|Posted: Fri Mar 26, 2021 9:57 pm Post subject: Abyss Web Server 2.14.2 fixes a SSL/TLS vulnerability
|Yesterday, a highly severe flaw in the open source OpenSSL library was announced (CVE-2021-3449.)
As many software products, Aprelium has used since 2007 the OpenSSL library as the basis of the SSL/TLS engine of Abyss Web Server.
Even though OpenSSL is widely adopted and is considered by some as a de facto industry standard, vulnerabilities and bugs still remain hidden in its code base despite the potential millions of developers and auditors who have access to its internals.
As soon as the CVE was made public, our team acted quickly on integrating the fix, then built, tested, and published the new updates for all editions of Abyss Web Server.
It is highly recommended to upgrade immediately to the new version to prevent any DoS (denial of service) attacks that may take advantage of the recently discovered vulnerability.
For more details, please check https://aprelium.com/news/abws2-14-2.html .
Follow @abyssws on Twitter
Subscribe to our newsletter
Aprelium - https://aprelium.com