Original release date: August 07, 2014
OpenSSL has released updates patching nine vulnerabilities, some of
which may allow an attacker to cause a Denial of Service (DoS)
condition or force the client to revert to a less secure Transport
Layer Security (TLS) 1.0 protocol. The following updates are
available:
-OpenSSL 0.9.8 users should upgrade to 0.9.8zb
- OpenSSL 1.0.0 users should upgrade to 1.0.0n
- OpenSSL 1.0.1 users should upgrade to 1.0.1i
US-CERT recommends users and administrators review the OpenSSL
Security Advisory for additional information and apply the necessary
updates.
And this is the link to the security advisory -
Code:
http://www.openssl.org/news/secadv_20140806.txt
Last edited by a moderator: