[openssl_utils 0005197]: More OpenSSL Security Vulnerabilities require updating to 1.0.1i
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Sat Aug 9 00:38:35 CEST 2014
The following issue has been CLOSED
======================================================================
https://www.opencsw.org/mantis/view.php?id=5197
======================================================================
Reported By: briandking
Assigned To: yann
======================================================================
Project: openssl_utils
Issue ID: 5197
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: closed
Resolution: fixed
Fixed in Version:
======================================================================
Date Submitted: 2014-08-07 20:28 CEST
Last Modified: 2014-08-09 00:38 CEST
======================================================================
Summary: More OpenSSL Security Vulnerabilities require
updating to 1.0.1i
Description:
National Cyber Awareness System:
Open SSL Patches Nine Vulnerabilities
08/07/2014 01:19 PM EDT
Original release date: August 07, 2014
OpenSSL has released updates patching nine vulnerabilities, some of which
may allow an attacker to cause a Denial of Service (DoS) condition or force
the client to revert to a less secure Transport Layer Security (TLS) 1.0
protocol. The following updates are available:
-OpenSSL 0.9.8 users should upgrade to 0.9.8zb
- OpenSSL 1.0.0 users should upgrade to 1.0.0n
- OpenSSL 1.0.1 users should upgrade to 1.0.1i
US-CERT recommends users and administrators review the OpenSSL Security
Advisory for additional information and apply the necessary updates.
======================================================================
----------------------------------------------------------------------
(0010885) yann (manager) - 2014-08-09 00:38
https://www.opencsw.org/mantis/view.php?id=5197#c10885
----------------------------------------------------------------------
Done :)
More information about the bug-notifications
mailing list