[openssl_utils 0005247]: Another OpenSSL vulnerability
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Fri Jul 10 11:16:25 CEST 2015
A NOTE has been added to this issue.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5247
======================================================================
Reported By: briandking
Assigned To:
======================================================================
Project: openssl_utils
Issue ID: 5247
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: new
======================================================================
Date Submitted: 2015-07-09 19:42 CEST
Last Modified: 2015-07-10 11:16 CEST
======================================================================
Summary: Another OpenSSL vulnerability
Description:
OpenSSL needs to be upgraded to 1.0.2d / 1.0.1p:
http://openssl.org/news/secadv_20150709.txt
OpenSSL used as a client does not validate certificates properly. This
would affect Apache used as a proxy/reverse proxy, curl, wget, etc.
======================================================================
----------------------------------------------------------------------
(0011041) jh (manager) - 2015-07-10 11:16
https://www.opencsw.org/mantis/view.php?id=5247#c11041
----------------------------------------------------------------------
new version already pushed to unstable
More information about the bug-notifications
mailing list