[openssl_utils 0005247]: Another OpenSSL vulnerability
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Fri Jul 10 11:17:05 CEST 2015
The following issue has been CLOSED
======================================================================
https://www.opencsw.org/mantis/view.php?id=5247
======================================================================
Reported By: briandking
Assigned To:
======================================================================
Project: openssl_utils
Issue ID: 5247
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: closed
Resolution: open
Fixed in Version:
======================================================================
Date Submitted: 2015-07-09 19:42 CEST
Last Modified: 2015-07-10 11:17 CEST
======================================================================
Summary: Another OpenSSL vulnerability
Description:
OpenSSL needs to be upgraded to 1.0.2d / 1.0.1p:
http://openssl.org/news/secadv_20150709.txt
OpenSSL used as a client does not validate certificates properly. This
would affect Apache used as a proxy/reverse proxy, curl, wget, etc.
======================================================================
----------------------------------------------------------------------
(0011042) jh (manager) - 2015-07-10 11:17
https://www.opencsw.org/mantis/view.php?id=5247#c11042
----------------------------------------------------------------------
openssl updated to newest version
More information about the bug-notifications
mailing list