[openssl_utils 0005268]: OpenSSL Security Vulnerability requires upgrade to 1.0.1s

Mantis Bug Tracker via bug-notifications bug-notifications at lists.opencsw.org
Wed Mar 2 02:07:45 CET 2016


The following issue has been SUBMITTED. 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=5268 
====================================================================== 
Reported By:                briandking
Assigned To:                
====================================================================== 
Project:                    openssl_utils
Issue ID:                   5268
Category:                   upgrade
Reproducibility:            have not tried
Severity:                   major
Priority:                   normal
Status:                     new
====================================================================== 
Date Submitted:             2016-03-02 02:07 CET
Last Modified:              2016-03-02 02:07 CET
====================================================================== 
Summary:                    OpenSSL Security Vulnerability requires upgrade to
1.0.1s
Description: 
Original release date: March 01, 2016
OpenSSL has released updates to address vulnerabilities in prior versions.
Exploitation of some of these vulnerabilities may allow a remote attacker
to obtain sensitive information. Updates available include:
•	OpenSSL 1.0.2g for 1.0.2 users 
•	OpenSSL 1.0.1s for 1.0.1 users 
Users and administrators are encouraged to review the OpenSSL Security
Advisory and apply the necessary updates.

https://www.openssl.org/news/secadv/20160301.txt
https://www.us-cert.gov/ncas/current-activity/2016/03/01/OpenSSL-Releases-Security-Advisory
https://isc.sans.edu/forums/diary/OpenSSL+Update+Released/20785/

======================================================================



More information about the bug-notifications mailing list