Recent OpenSSL Security Advisories Are a Good Thing

Want to help support this blog? Try out Oh Dear, the best all-in-one monitoring tool for your entire website, co-founded by me (the guy that wrote this blogpost). Start with a 10-day trial, no strings attached.

We offer uptime monitoring, SSL checks, broken links checking, performance & cronjob monitoring, branded status pages & so much more. Try us out today!

Profile image of Mattias Geniar

Mattias Geniar, January 08, 2015

Follow me on Twitter as @mattiasgeniar

The announcement of upcoming security advisories was just finalized with several new CVE’s being announced by OpenSSL. I like this.

Obviously not the CVE’s themselves. But the announcement means OpenSSL is far from dead. It means there’s security researchers finding bugs and there are developers fixing them. It means responsible disclosure. This isn’t a new piss at LibreSSL, but a positive look towards OpenSSL.

In May 2014 a donation of 133.000eur was made to the OpenSSL project, and in December that same company donated the same amount, again. Big cheers!

I know 2 donations a year, from the same company, don’t fix the problems with OpenSSL. But I am glad to still see OpenSSL alive and kicking and being actively supported!



Want to subscribe to the cron.weekly newsletter?

I write a weekly-ish newsletter on Linux, open source & webdevelopment called cron.weekly.

It features the latest news, guides & tutorials and new open source projects. You can sign up via email below.

No spam. Just some good, practical Linux & open source content.