Sign in to follow this  
Followers 0
Lee

release Security Advisory: ApexDC++ 1.5.14, OpenSSL fixes

1 post in this topic

We are pleased to announce immediate availability ApexDC++ 1.5.14, fixing security vulnerabilities found in the OpenSSL. The OpenSSL team had this to say about one of the vulnerabilities:

 

An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers. This can be exploited by a Man-in-the-middle (MITM) attack where the attacker can decrypt and modify traffic from the attacked client and server.

 

Therefore we advise all users on previous versions to upgrade to 1.5.14 immediately. The installer will provide a smooth upgrade without losing any settings or your queue.

 

Check out our full changelog for further details.

 

Download: ApexDC++ 1.5.14

Share this post


Link to post
Share on other sites
Sign in to follow this  
Followers 0