This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OpenSSL updates.

US-CERT Notice Original release date: March 19, 2015
OpenSSL has released new updates addressing multiple vulnerabilities, one of which is classified as a high severity issue. Exploitation could allow a remote attacker to cause a cause a Denial of Service attack against the server.

Updates available include:

OpenSSL 1.0.2a for 1.0.2 users
OpenSSL 1.0.1m for 1.0.1 users
OpenSSL 1.0.0r for 1.0.0 users
OpenSSL 0.9.8zf for 0.9.8 users

------
With the DOS attack, an attacker can crash a system using that is using TLS 1.2

This thread was automatically locked due to age.

Parents

0 NewImage over 10 years ago

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 NewImage over 10 years ago

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 BrucekConvergent over 10 years ago in reply to NewImage

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m

Should be GA release next week. SR looks good so far.
Cancel
Vote Up 0 Vote Down

Cancel