it.ucsf.edu

Security Update:OpenSSL Version 1.1.0e Released

Status Type

Security Update

Date and Time

Wednesday, February 22, 2017 - 14:22

Reason

 

Security Update

Impact

OpenSSL 1.1.0 Users

 

WHAT HAPPENED?
OpenSSL version 1.1.0e has been released to address a vulnerability that affects clients and servers.

Advanced Users: For a complete description of the vulnerabilities and affected versions visit OpenSSL Security Advisory [16 Feb 2017] at https://www.openssl.org/news/secadv/20170216.txt.


AVAILABLE UPDATES INCLUDE:

  • OpenSSL 1.1.0
    • This issue does not affect OpenSSL version 1.0.2.


WHAT'S THE PROBLEM?
Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.


WHAT DO I NEED TO DO?
Upgrade your software

  1. If IT Field Services or you have other IT support, no action on your part is required.
  2. If you do not have IT support, updates may be obtained through OpenSSL Security Advisory [16 Feb 2017] at https://www.openssl.org/news/secadv/20170216.txt.


RELATED LINKS