This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OpenSSL updates.

US-CERT Notice Original release date: March 19, 2015
OpenSSL has released new updates addressing multiple vulnerabilities, one of which is classified as a high severity issue. Exploitation could allow a remote attacker to cause a cause a Denial of Service attack against the server.

Updates available include:

OpenSSL 1.0.2a for 1.0.2 users
OpenSSL 1.0.1m for 1.0.1 users
OpenSSL 1.0.0r for 1.0.0 users
OpenSSL 0.9.8zf for 0.9.8 users

------
With the DOS attack, an attacker can crash a system using that is using TLS 1.2

This thread was automatically locked due to age.

Parents

0 NewImage over 10 years ago

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 10 years ago in reply to NewImage

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m

Should be GA release next week. SR looks good so far.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BrucekConvergent over 10 years ago in reply to NewImage

Looks like fixed in the new 9.310
Import OpenSSL security updates from 1.0.1m

Should be GA release next week. SR looks good so far.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data