OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or execute man-in-the-middle attacks. The following updates are available:
- OpenSSL 1.0.1 users should upgrade to 1.0.1j
- OpenSSL 1.0.0 users should upgrade to 1.0.0o
- OpenSSL 0.9.8 users should upgrade to 0.9.8zc
US-CERT recommends users and administrators review the OpenSSL Security Advisory for additional information and apply the necessary updates.