OpenSSL Security Advisory [25 March 2021]

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Openssl TLS Cryptography cve-2021-3449 Encryption

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • OpenSSL

    TLS/SSL and crypto library

    • here's the null pointer deference: https://github.com/openssl/openssl/commit/02b1636fe3db274497...

  • httpd

    Docker Official Image packaging for Apache HTTP Server (by docker-library)

    • You can try configuring SSLOptions -OptRenegotiate and then point ssllabs at it to see if reneg is disabled.

    If that doesn't work, recompile apache against an older version of openssl. Maybe the easiest way to do that is take the Dockerfile (https://github.com/docker-library/httpd/blob/master/2.4/Dock...), take out libssl-dev, compile a specific openssl version, then link against it.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • cve-2021-3449

    CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻‍💻

    • Does anyone have a PoC? Someone posted this on Github but the git log is squashed and doesn't show the changes they made. https://github.com/terorie/cve-2021-3449

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding

    2 projects | dev.to | 7 Apr 2024

  • Ask HN: How does the xz backdoor replace RSA_public_decrypt?

    1 project | news.ycombinator.com | 1 Apr 2024

  • Use of HTTPS Resource Records

    1 project | news.ycombinator.com | 4 Jan 2024

  • openssl-3.2.0 released

    1 project | /r/linux | 25 Nov 2023

  • Large performance degradation in OpenSSL 3

    1 project | news.ycombinator.com | 6 Oct 2023