Dan Goodin / Ars Technica:
Oracle patches a critical bug in Java 15 and above, which lets attackers forge TLS certificates and signatures, two-factor authentication messages, and more — A failure to sanity check signatures for division-by-zero flaws makes forgeries easy. — Organizations using newer versions …
Source link