Upcoming OpenSSL update

OpenSSL today released a security update for various issues – including two high-severity ones.

We reviewed those issues and found that only one of the high-severity ones are applicable to our environment (RSA silently downgrades to EXPORT_RSA [Client] – CVE-2015-0204). Other issues are of lower severity and not all of them apply to the version currently used.

We are currently waiting for Gentoo to provide the GLSA and package updates which we expect to happen at latest by tomorrow. After that we will run our own quality assurance and provide those updated packages to you quickly.

If you have any questions (about the OpenSSL update or otherwise) please contact us: we’re here to help you!

1 thought on “Upcoming OpenSSL update”

Update: the OpenSSL fix is there and gets currently rolled out on our infrastructure.

LikeLike

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Google account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Flying Circus

Operations as a Service – musings from our pilots

Upcoming OpenSSL update

1 thought on “Upcoming OpenSSL update”

Leave a Reply Cancel reply

Share this:

Like this:

Related

1 thought on “Upcoming OpenSSL update”

Leave a Reply Cancel reply