Upcoming OpenSSL update

OpenSSL today released a security update for various issues – including two high-severity ones.

We reviewed those issues and found that only one of the high-severity ones are applicable to our environment (RSA silently downgrades to EXPORT_RSA [Client] – CVE-2015-0204). Other issues are of lower severity and not all of them apply to the version currently used.

We are currently waiting for Gentoo to provide the GLSA and package updates which we expect to happen at latest by tomorrow. After that we will run our own quality assurance and provide those updated packages to you quickly.

If you have any questions (about the OpenSSL update or otherwise) please contact us: we’re here to help you!

1 thought on “Upcoming OpenSSL update

Leave a Reply to Christian Kauhaus Cancel reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s