Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

OpenSSL Patches Multiple Vulnerabilities

Last Revised

OpenSSL has released new updates addressing multiple vulnerabilities, one of which is classified as a high severity issue. Exploitation could allow a remote attacker to cause a cause a Denial of Service attack against the server.

Updates available include:

  • OpenSSL 1.0.2a for 1.0.2 users
  • OpenSSL 1.0.1m for 1.0.1 users
  • OpenSSL 1.0.0r for 1.0.0 users
  • OpenSSL 0.9.8zf for 0.9.8 users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.