OpenSSL has released updates patching nine vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or force the client to revert to a less secure Transport Layer Security (TLS) 1.0 protocol. The following updates are available:
- OpenSSL 0.9.8 users should upgrade to 0.9.8zb
- OpenSSL 1.0.0 users should upgrade to 1.0.0n
- OpenSSL 1.0.1 users should upgrade to 1.0.1i
US-CERT recommends users and administrators review the OpenSSL Security Advisory for additional information and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.