[openssl_utils 0005247]: Another OpenSSL vulnerability
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Wed Jul 15 09:57:34 CEST 2015
The following issue has been ASSIGNED.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5247
======================================================================
Reported By: briandking
Assigned To: jh
======================================================================
Project: openssl_utils
Issue ID: 5247
Category: upgrade
Reproducibility: have not tried
Severity: major
Priority: normal
Status: assigned
======================================================================
Date Submitted: 2015-07-09 19:42 CEST
Last Modified: 2015-07-15 09:57 CEST
======================================================================
Summary: Another OpenSSL vulnerability
Description:
OpenSSL needs to be upgraded to 1.0.2d / 1.0.1p:
http://openssl.org/news/secadv_20150709.txt
OpenSSL used as a client does not validate certificates properly. This
would affect Apache used as a proxy/reverse proxy, curl, wget, etc.
======================================================================
----------------------------------------------------------------------
(0011042) jh (manager) - 2015-07-10 11:17
https://www.opencsw.org/mantis/view.php?id=5247#c11042
----------------------------------------------------------------------
openssl updated to newest version
More information about the bug-notifications
mailing list