BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: May 22nd, 2020 (libssl)

Errata patches for LibreSSL have been released for OpenBSD 6.7.

A TLS client with peer verification disabled may crash when contacting a
server that sends an empty certificate list.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the errata page:

  https://www.openbsd.org/errata67.html