[openssl_utils 0005247]: Another OpenSSL vulnerability
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Thu Jul 9 19:42:14 CEST 2015
The following issue has been SUBMITTED.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5247
======================================================================
Reported By: briandking
Assigned To:
======================================================================
Project: openssl_utils
Issue ID: 5247
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: new
======================================================================
Date Submitted: 2015-07-09 19:42 CEST
Last Modified: 2015-07-09 19:42 CEST
======================================================================
Summary: Another OpenSSL vulnerability
Description:
OpenSSL needs to be upgraded to 1.0.2d / 1.0.1p:
http://openssl.org/news/secadv_20150709.txt
OpenSSL used as a client does not validate certificates properly. This
would affect Apache used as a proxy/reverse proxy, curl, wget, etc.
======================================================================
More information about the bug-notifications
mailing list