Blog - wolfSSL

wolfSSL 5.8.4 Now Available

November 21, 2025November 21, 2025

wolfSSL 5.8.4 introduces several updates, including the addition of a GPLv3 exceptions list. This allows specific GPLv3-licensed codebases linking against wolfSSL to continue using wolfSSL under GPLv2. Current GPLv3 Exceptions: MariaDB Server MariaDB Client Libraries OpenVPN-NL Fetchmail OpenVPN Security Fixes This release includes multiple fixes across TLS 1.2, TLS 1.3, X25519, XChaCha20-Poly1305, and PSK processing. […]

January 15, 2026January 14, 2026

As the cybersecurity landscape prepares for the advent of quantum computing, the Trusted Platform Module (TPM) ecosystem is evolving to meet these new challenges. wolfSSL is proud to announce that wolfTPM now includes initial support for the TPM 2.0 Library Specification v1.85, bringing Post-Quantum Cryptography (PQC) capabilities to your hardware-backed security workflows. This update introduces […]

January 14, 2026January 7, 2026

Affected Users: Applications using wolfSSL’s OpenSSL compatibility layer before wolfSSL version 5.8.2 that call both RAND_bytes() and fork() operations. This does not affect internal TLS operations or applications that do not explicitly use RAND_bytes(). Summary: A vulnerability was discovered in wolfSSL’s OpenSSL compatibility layer where the RAND_poll() function was not behaving as expected, leading to […]

January 13, 2026January 7, 2026

Affected Users: Users performing ECC or Ed25519 signature verification operations on devices that may be susceptible to fault injection attacks, particularly in security-critical applications such as secure boot implementations. Summary: A potential vulnerability to fault injection attacks was identified in wolfSSL’s ECC and Ed25519 signature verification operations. Fault injection is a sophisticated physical attack technique […]

January 12, 2026January 12, 2026

Look at that! wolfSSH had another release. New year, new version. Welcome to wolfSSH v1.4.22. This is mainly a bug fix release. We’ve improved interoperability with other implementations of SSH. We’ve improved the build process with several IDEs, Zephyr, and LwIP. We also added an SFTP client example for the Renesas RX72N platform. There is […]

January 12, 2026January 6, 2026

Learn how to configure, extend, and troubleshoot secure TLS applications with wolfSSL. Following Part 1 of our Getting Started with wolfSSL webinar series, Part 2 dives deeper into the topics developers encounter once basic TLS integration is complete. This session focuses on configuration, embedded deployment, and advanced TLS features used in real-world systems. Led by […]

January 9, 2026January 7, 2026

Affected Users: wolfSSH with SFTP enabled on the server side before version 1.4.21. Summary: A stack overflow vulnerability was discovered in wolfSSH’s SFTP server implementation. After an SFTP connection is established, a malicious SFTP client could send a specially crafted read, write, or set state SFTP packet that would cause the SFTP server code to […]

January 8, 2026January 7, 2026

Organizations in government, healthcare, finance, and critical infrastructure sectors are required to meet stringent compliance standards, and FIPS 140-3 certification has become a key requirement for cryptographic modules used in regulated environments. wolfSSL is uniquely positioned to help bring this level of certification to Proxmox Virtual Environment (PVE), one of the most popular open-source virtualization […]

January 7, 2026December 18, 2025

A while ago we had made a blog post and a patch that showed how someone could integrate their new RNG (Random Number Generator) into our wolfCrypt library. That methodology works, but it has a fairly obvious flaw. It assumed your RNG included the DRBG (Deterministic Random Bit Generator) as part of its implementation. You […]

January 6, 2026January 15, 2026

Affected Users: Anyone using wolfSSL on Apple platforms with versions after 5.6.4 and before 5.8.0, specifically when built with WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION enabled (default for non-macOS Apple targets when using autotools or CMake). Summary: When using system CA certificates and Apple native certificate validation on Apple platforms, the native trust store verification routine incorrectly overrides […]

January 5, 2026January 2, 2026

Learn how to build, configure, and debug secure TLS applications with wolfSSL. Join us for this two-part technical webinar series, Getting Started with wolfSSL. These sessions walk through the fundamentals of wolfSSL—from building the library to integrating TLS into real applications. Led by wolfSSL Engineering Manager Chris Conlon, the series focuses on practical concepts, core […]

1 2 3 4 … 218 219 220

RECENT BLOG NEWS

wolfSSL 5.8.4 Now Available

wolfTPM – Add TPM 2.0 v1.85 PQC Post-Quantum Support

Vulnerability Disclosure: wolfSSL CVE-2025-7394

Vulnerability Disclosure: wolfSSL Fault Injection Attack on ECC and Ed25519 Verify Operations

wolfSSH v1.4.22 Release

Getting Started with wolfSSL – Part 2: Configuration, Embedded Porting, and Advanced TLS Features

Vulnerability Disclosure: wolfSSH CVE-2025-11624

Bringing FIPS 140-3 to Proxmox Virtual Environments with wolfCrypt-FIPS

The DEADBEEF RNG Example Revisited

Vulnerability Disclosure: wolfSSL (CVE-2025-7395)

Kick Off 2026 with wolfSSL: Two-Part Getting Started with wolfSSL Webinar

Weekly updates

Archives

RECENT BLOG NEWS

Posts navigation

Weekly updates

Archives