Security Update:Open SSL Updates Released to Address 2 High Vulnerabilities
Date and Time
Open SSL Users
OpenSSL announced the release of updates to address 2 high-severity flaws and four low-severity issues addressed.
Advanced Users: For a complete description of the vulnerabilities and affected versions visit OpenSSL Security Advisory [3rd May 2016] at https://www.openssl.org/news/secadv/20160503.txt.
- OpenSSL version 1.0.1 and below
- OpenSSL version 1.0.2 and below
WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to obtain sensitive information.
WHAT DO I NEED TO DO?
Upgrade your software
- If IT Field Services or you have other IT support, no action on your part is required.
- If you do not have IT support, updates may be obtained through OpenSSL Security Advisory [3rd May 2016] at https://www.openssl.org/news/secadv/20160503.txt.
- ThreatPost’s OpenSSL Patches Two High-Severity Vulnerabilities - https://threatpost.com/openssl-patches-two-high-severity-vulnerabilities...
- IT Security - http://it.ucsf.edu/security