TLS – Xynik

DigiCert Revoking Many Certificates Due to Verification Issue

July 31, 2024 by Xynik

July 31, 2024 at 06:36AM DigiCert is revoking TLS certificates due to a domain validation issue, affecting websites, applications, and services. The company needs to revoke certificates within 24 hours due to strict CA/Browser Forum rules. The issue was related to validating domain ownership using a DNS CNAME record. Roughly 0.4% of domain validations were … Read more

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

October 11, 2023 by Xynik

October 11, 2023 at 12:06PM Patches have been released for a critical memory corruption vulnerability in the cURL data transfer project. The flaw, tracked as CVE-2023-38545, affects the SOCKS5 proxy handshake process in cURL, allowing remote exploitation in certain configurations. The bug can lead to heap buffer overflow, and affected versions are 7.69.0 to 8.3.0. … Read more