Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Open SSL Patches Nine Vulnerabilities
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Open SSL Patches Nine Vulnerabilities

Original release date: August 07, 2014

OpenSSL has released updates patching nine vulnerabilities, some of
which may allow an attacker to cause a Denial of Service (DoS)
condition or force the client to revert to a less secure Transport
Layer Security (TLS) 1.0 protocol. The following updates are
available:

    -OpenSSL 0.9.8 users should upgrade to 0.9.8zb

   - OpenSSL 1.0.0 users should upgrade to 1.0.0n

   - OpenSSL 1.0.1 users should upgrade to 1.0.1i

US-CERT recommends users and administrators review the OpenSSL
Security Advisory for additional information and apply the necessary
updates.

And here is a link to the security advisory - https://www.openssl.org/news/secadv_20140806.txt

Thanked by 2rokok howardsl2

Comments

  • NeoonNeoon Community Contributor, Veteran

    They said its not such a big security issue like lastime so.

  • Looks like after "heartbleed" bug every company hired internal developers to review the code of openssl.

    That's actually good thing for open source software.

  • Time to upgrade..

  • dnwkdnwk Member

    @alexvolk said:
    Looks like after "heartbleed" bug every company hired internal developers to review the code of openssl.

    That's actually good thing for open source software.

    A good thing only if they contribute back

  • Looks like Debian hasn't updated their repos yet, but Ubuntu has (at least on 12.04).

    built on: Thu Aug  7 13:42:02 UTC 2014
  • NeoonNeoon Community Contributor, Veteran

    Debian has already updated, i patched some servers already.

  • For what I'm seeing, CentOS 6.5 has not yet updated their repos.

  • @Infinity580 said:
    Debian has already updated, i patched some servers already.

    Yep, you are right.

    built on: Wed Aug  6 18:48:11 UTC 2014
Sign In or Register to comment.