High-Severity OpenSSL Security Advisory Released

By

OpenSSL users advised to upgrade now.

OpenSSL has released a security advisory in regard to recently discovered vulnerabilities, "including a high-severity address type confusion bug that could be exploited by attackers to read memory contents or enact a denial of service (DoS)," reports Brittany Day.

According to the advisory, OpenSSL versions 3.0, 1.1.1, and 1.0.2 are vulnerable to this issue, and the following actions are needed:

  • OpenSSL 3.0 users should upgrade to OpenSSL 3.0.8.
  • OpenSSL 1.1.1 users should upgrade to OpenSSL 1.1.1t.
  • OpenSSL 1.0.2 users should upgrade to OpenSSL 1.0.2zg (premium support customers only).

OpenSSL is "widely used by Internet servers, including the majority of HTTPS websites, making it critical that users are aware of the recent OpenSSL flaws that have been discovered," Day notes.

Read more at LinuxSecurity.
 
 

 
 

02/15/2023

Related content

comments powered by Disqus