OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could ‘issue’ invalid certificates that pass validation by affected versions.
Updates available include:
- OpenSSL 1.0.2d for 1.0.2b/1.02c users
- OpenSSL 1.0.1p for 1.0.1n/1.0.1o users
Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.