Alert

OpenSSL Patches Nine Vulnerabilities

Last Revised

OpenSSL has released updates patching nine vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or force the client to revert to a less secure Transport Layer Security (TLS) 1.0 protocol. The following updates are available:

  • OpenSSL 0.9.8 users should upgrade to 0.9.8zb
  • OpenSSL 1.0.0 users should upgrade to 1.0.0n
  • OpenSSL 1.0.1 users should upgrade to 1.0.1i

US-CERT recommends users and administrators review the OpenSSL Security Advisory for additional information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.