OpenSSL security updates

Number: AV18-051
Date: 28 March 2018

Purpose

The purpose of this advisory is to bring attention to recent OpenSSL security advisory.

Assessment

OpenSSL has released security updates that affect vulnerabilities in the following products:

Affected versions: 
OpenSSL version 1.1.0
OpenSSL version 1.0.2

CVE Reference: CVE-2018-0733, CVE-2017-3738, CVE-2018-0739

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.

OpenSSL 1.1.0 users should upgrade to 1.1.0h
OpenSSL 1.0.2 users should upgrade to 1.0.2o

References:

Date modified: