All Linux HowTo's Scripting HowTo's

OpenSSL urgent upgrade notice

Share This: The OpenSSL team have released an advisory to upgrade to version 1.1.0c. Read the notice here: “https://www.openssl.org/news/secadv/20161110.txt”. Redhat’s article can be found here: “https://access.redhat.com/security/cve/cve-2016-7054”. Severity: High TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash.

Read more