Updating openssl

has been found and patched in the Open SSL Library.

Multiple vulnerabilities have been discovered in Open SSL on 19/March/2015.

If you are using a Windows machine, your development environment is providing your copy of Open SSL.

You can upgrade this by upgrading your development environment itself, i.e.

Most users will want to install Certificate Authority Certificates for validation of downloaded certificates.

For example, these certificates can be used by git-2.14.1, c URL-7.55.1 or Wget-1.19.1 when accessing secure (https protocol) sites.

To do this, follow the instructions from the Certificate Authority Certificates page.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers.

updating openssl-34updating openssl-35updating openssl-82updating openssl-40

verifying all the files are present and haven't been modified or had permissions changed without also updating the RPM database).

The Change Cipher Spec (CCS) Injection Vulnerability is a moderately severe vulnerability in Open SSL, known formally as “SSL/TLS MITM vulnerability (CVE-2014-0224)“.

As of June 05, 2014, a security advisory was released by Open SSL.org, along with versions of Open SSL that fix this vulnerability.

This vulnerability is likely not as severe as the Heartbleed Bug.

In some circumstances, this flaw allows an attacker to conduct a man-in-the-middle attack on servers running vulnerable versions of Open SSL.

641

Leave a Reply