it.ucsf.edu

Security Update:OpenSSL Releases Updates to Address a Dozen Flaws; Including 1 With High-Severity Rating

Status Type

Security Update

Date and Time

Friday, September 23, 2016 - 15:14

Reason

Security Update

Impact

OpenSSL Users

 

WHAT HAPPENED?
OpenSSL announced the release of updates to address 1 high-severity flaw and 11 other flaws.

Advanced Users: For a complete description of the vulnerabilities and affected versions visit OpenSSL Security Advisory [22 Sep 2016] at https://www.openssl.org/news/secadv/20160922.txt.

AVAILABLE UPDATES INCLUDE:

  • OpenSSL 1.1.0a for 1.1.0 users
  • OpenSSL 1.0.2i for 1.0.2 users
  • OpenSSL 1.0.1u for 1.0.1 users


WHAT'S THE PROBLEM?
Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.


WHAT DO I NEED TO DO?
Upgrade your software

  1. If IT Field Services or you have other IT support, no action on your part is required.
  2. If you do not have IT support, updates may be obtained through visit OpenSSL Security Advisory [22 Sep 2016] at https://www.openssl.org/news/secadv/20160922.txt.


RELATED LINKS