Security Alert (A23-10-26): Vulnerability in OpenSSL
26 October 2023
OpenSSL has released 3.0.12 and 3.1.4 to fix the vulnerability in various versions of OpenSSL. The details of the security update can be found at: https://www.openssl.org/news/secadv/20231024.txt
OpenSSL 3.0.x prior to version 3.0.12
OpenSSL 3.1.x prior to version 3.1.4
Successful exploitation could lead to denial of service on an affected system.
Patches for OpenSSL 3.0.x and 3.1.x are available. Please note that OpenSSL is also distributed as source code in various products. It is recommended to consult product vendors to confirm if the used products are affected and the availability of patches. System administrators and users should apply the patches when available or follow the recommendations provided by the product vendors to mitigate the risk.