The OpenSSL team has issued a high-severity security advisory.

The advisory discloses a new certificate validation vulnerability where during certificate verification, OpenSSL will attempt to find alternative certificate chains if the first validation attempt fails. The vulnerability lies in an implementation error allowing an attacker to forge an invalid certificate and bypass verification. This security issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.

More information is available here.

MapQuest launches enterprise geospatial platform and developer tools
Beset by Google Maps, Waze and other competitors, MapQuest will not go gently into the good night.

The company announced the launch of a new MapQuest + Developers Geospatial Toolkit, which includes mobile-focused APIs and SDKs as part of a geospatial platform offering forward, and reverse and batch geocoding for enterprise applications. The platform also offers customizable point-to-point, multipoint, optimized and route matrix functions, geospatial search capabilities spanning radius, rectangle, polygon and corridor searching functions, and licensed TomTom data along with open datasets via OpenStreetMap.

As for the developer tools themselves, the toolkit includes an augmented API service layer powered by API management provider Apigee, and a redesigned developer network and dashboard to access MapQuest APIs and SDKs.

The augmented API service layer, powered by Apigee, provides the provisioning experience, usage analytics, and documentation that developers expect. Additional information about the MapQuest + Developers Geospatial Toolkit can be found on the company’s new developer blog.