Joined: 12 May 2004
|Posted: Wed Nov 28, 2018 11:26 pm Post subject: [ GLSA 201811-21 ] OpenSSL
|Gentoo Linux Security Advisory
Title: OpenSSL: Multiple vulnerabilities (GLSA 201811-21)
Bug(s): #651730, #653434
Multiple vulnerabilities have been found in OpenSSL, the worst of
which may lead to a Denial of Service condition.
OpenSSL is a robust, commercial-grade, and full-featured toolkit for the
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols.
Vulnerable: < 1.0.2o
Unaffected: >= 1.0.2o
Architectures: All supported architectures
Multiple vulnerabilities have been discovered in OpenSSL. Please review
the referenced CVE identifiers for details.
A remote attacker could cause a Denial of Service condition, obtain
private keying material, or gain access to sensitive information.
There is no known workaround at this time.
All OpenSSL users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2o"