it.ucsf.edu

Security Update:Open SSL Updates Released to Address 2 High Vulnerabilities

Status Type

Security Update

Date and Time

Tuesday, May 3, 2016 - 13:20

Reason

Security Updates

Impact

Open SSL Users

 

WHAT HAPPENED?
OpenSSL announced the release of updates to address 2 high-severity flaws and four low-severity issues addressed.

Advanced Users: For a complete description of the vulnerabilities and affected versions visit OpenSSL Security Advisory [3rd May 2016] at https://www.openssl.org/news/secadv/20160503.txt.


AFFECTED VERSIONS:

  • OpenSSL version 1.0.1 and below
  • OpenSSL version 1.0.2 and below


WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to obtain sensitive information.


WHAT DO I NEED TO DO?
Upgrade your software

  1. If IT Field Services or you have other IT support, no action on your part is required.
  2. If you do not have IT support, updates may be obtained through OpenSSL Security Advisory [3rd May 2016] at https://www.openssl.org/news/secadv/20160503.txt.


RELATED LINKS