[openssl_utils 0005197]: More OpenSSL Security Vulnerabilities require updating to 1.0.1i
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Thu Aug 7 20:28:30 CEST 2014
The following issue has been SUBMITTED.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5197
======================================================================
Reported By: briandking
Assigned To:
======================================================================
Project: openssl_utils
Issue ID: 5197
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: new
======================================================================
Date Submitted: 2014-08-07 20:28 CEST
Last Modified: 2014-08-07 20:28 CEST
======================================================================
Summary: More OpenSSL Security Vulnerabilities require
updating to 1.0.1i
Description:
National Cyber Awareness System:
Open SSL Patches Nine Vulnerabilities
08/07/2014 01:19 PM EDT
Original release date: August 07, 2014
OpenSSL has released updates patching nine vulnerabilities, some of which
may allow an attacker to cause a Denial of Service (DoS) condition or force
the client to revert to a less secure Transport Layer Security (TLS) 1.0
protocol. The following updates are available:
-OpenSSL 0.9.8 users should upgrade to 0.9.8zb
- OpenSSL 1.0.0 users should upgrade to 1.0.0n
- OpenSSL 1.0.1 users should upgrade to 1.0.1i
US-CERT recommends users and administrators review the OpenSSL Security
Advisory for additional information and apply the necessary updates.
======================================================================
More information about the bug-notifications
mailing list