OpenSSL Gets Patch for 4-Year-Old Flaw

The open-source OpenSSL cryptographic library is being patched for a pair of security flaws, one of which has been in the code for at least four years.

OpenSSL, of course, is the source of the now infamous Heartbleed vulnerability, first disclosed on April 7. While Heartbleed has had a wide-ranging impact that has left hundreds of millions of users vulnerable, the newly patched issues are not quite as dramatic.