CERT mailing list archives
OpenSSL Patches Four Vulnerabilities
From: "US-CERT" <US-CERT () ncas us-cert gov>
Date: Thu, 16 Oct 2014 10:10:45 -0500
NCCIC / US-CERT National Cyber Awareness System: OpenSSL Patches Four Vulnerabilities [ https://www.us-cert.gov/ncas/current-activity/2014/10/16/OpenSSL-Patches-Four-Vulnerabilities ] 10/16/2014 08:50 AM EDT Original release date: October 16, 2014 OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or execute man-in-the-middle attacks. The following updates are available: * OpenSSL 1.0.1 users should upgrade to 1.0.1j * OpenSSL 1.0.0 users should upgrade to 1.0.0o * OpenSSL 0.9.8 users should upgrade to 0.9.8zc US-CERT recommends users and administrators review the OpenSSL Security Advisory [ https://www.openssl.org/news/secadv_20141015.txt ] for additional information and apply the necessary updates. ________________________________________________________________________ This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy & Use [ http://www.us-cert.gov/privacy/ ] policy. ________________________________________________________________________ OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ http://www.us-cert.gov/related-resources ] STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
Current thread:
- OpenSSL Patches Four Vulnerabilities US-CERT (Oct 16)