Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

OpenSSL Patches Four Vulnerabilities

Last Revised

OpenSSL has released updates patching four vulnerabilities, some of which may allow an attacker to cause a Denial of Service (DoS) condition or execute man-in-the-middle attacks. The following updates are available:

  • OpenSSL 1.0.1 users should upgrade to 1.0.1j
  • OpenSSL 1.0.0 users should upgrade to 1.0.0o
  • OpenSSL 0.9.8 users should upgrade to 0.9.8zc

US-CERT recommends users and administrators review the OpenSSL Security Advisory for additional information and apply the necessary updates.

 

 

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.