Number: AV18-051
Date: 28 March 2018
Purpose
The purpose of this advisory is to bring attention to recent OpenSSL security advisory.
Assessment
OpenSSL has released security updates that affect vulnerabilities in the following products:
Affected versions:
OpenSSL version 1.1.0
OpenSSL version 1.0.2
CVE Reference: CVE-2018-0733, CVE-2017-3738, CVE-2018-0739
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.
OpenSSL 1.1.0 users should upgrade to 1.1.0h
OpenSSL 1.0.2 users should upgrade to 1.0.2o
References: