A DoS vulnerability exists in all versions of OpenSSL prior to 0.9.6k and 0.9.7c. Upgrading as soon as possible is recommended. Read the full advisory for more information.
Also, on an unrelated note, two vulnerabilities in OpenSSH were recently discovered. This is a couple of weeks old now, but definitely important enough to mention here. Short story: upgrade to OpenSSH 3.7.1p2 ASAP. For more information, read the original advisory, as well as the newer portable advisory.
Yeah, baby! Been waiting for this for a long time, and it definitely hasn't disappointed. Grab it while it's hot!
Download Sites
Release Notes
Highlighted Features
New features since 1.0
Update: 10/01 14:36 CST: Here's the official release announcement, as well as internetnews.com coverage.
For those not up to speed on this story, last week Dan Geer (CTO of security consultancy @stake) and several others released a report entitled "Cyber Insecurity: The Cost of a Monopoly," in which they discussed the security issues related to Microsoft's market dominance (the actual report can be found on the CCIA homepage).
Surprisingly, Geer was fired from his position as CTO of @stake one day after releasing the report. Why? Although @stake denies any involvement, Microsoft is one of their largest customers. Hmm... piss off a client in legitimate research and get fired? Wonderful.
So now, one week later, Geer himself has finally been interviewed about this. You can read the full story here. Although it's nothing earth-shattering, it does sum up how unbelievable the whole situation is. Definitely worth a read.