Original release date: October 16, 2014

OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or execute man-in-the-middle attacks. The following updates are available:

• OpenSSL 1.0.1 users should upgrade to 1.0.1j
• OpenSSL 1.0.0 users should upgrade to 1.0.0o
• OpenSSL 0.9.8 users should upgrade to 0.9.8zc

US-CERT recommends users and administrators review the OpenSSL Security Advisory for additional information and apply the necessary updates.

 

 

This product is provided subject to this Notification and this Privacy & Use policy.