OpenSSL Releases Security Advisory

Original release date: June 05, 2014

OpenSSL has released updates patching 6 vulnerabilities, which may allow an attacker to decrypt or modify traffic between a vulnerable client and server, cause a denial of service condition, or remotely execute arbitrary code.

 The following updates are available:

  • OpenSSL 0.9.8 SSL/TLS users should upgrade to 0.9.8za
  • OpenSSL 1.0.0 SSL/TLS users should upgrade to 1.0.0m
  • OpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1h

US-CERT recommends users and administrators review Vulnerability Note VU#978508 and the OpenSSL advisory for additional information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.