OpenSSL has released updates patching 6 vulnerabilities, which may allow an attacker to decrypt or modify traffic between a vulnerable client and server, cause a denial of service condition, or remotely execute arbitrary code.
The following updates are available:
- OpenSSL 0.9.8 SSL/TLS users should upgrade to 0.9.8za
- OpenSSL 1.0.0 SSL/TLS users should upgrade to 1.0.0m
- OpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1h
US-CERT recommends users and administrators review Vulnerability Note VU#978508 and the OpenSSL advisory for additional information and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.