Archived Content

In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
Alert

OpenSSL Releases Security Advisory

Last Revised

OpenSSL has released updates to address a vulnerability that could impact proper certificate verification. A remote attacker could ‘issue’ invalid certificates that pass validation by affected versions.

Updates available include:

  • OpenSSL 1.0.2d for 1.0.2b/1.02c users
  • OpenSSL 1.0.1p for 1.0.1n/1.0.1o users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts

We recently updated our anonymous product survey; we welcome your feedback.