OpenSSL 0.9.8 & 1.0.1a updates available for Apache 2.2.22 & 2.4.2

Started by Gregg, April 20, 2012, 08:56:43 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Gregg

April 20, 2012, 08:56:43 AM Last Edit: April 21, 2012, 12:20:27 PM by mario
A potentially exploitable buffer-overrun vulnerability has been discovered in OpenSSL 0.9.8u, 1.0.0h, 0.9.8u and prior versions.
Get your OpenSSL 0.9.8v or 1.0.1a updates for Apache 2.2.22 & 2.4.2 on our download page.

Gregg

#1
April 25, 2012, 12:42:37 AM
It looks like the fix for CVE-2012-2110 was not sufficient to correct the ASN1 BIO vulnerability issue for OpenSSL version 0.9.8  oo OpenSSL 0.9.8w source has been released by them. I'll try to have new OpenSSL 0.9.8w updates in the next 24 hours.
Print
Go Up Pages1
User actions