Security Alert (A23-02-10): Multiple Vulnerabilities in OpenSSL
10 February 2023
OpenSSL has released 1.1.1t and 3.0.8 to fix the vulnerabilities in various versions of OpenSSL. The details of the security update can be found at: https://www.openssl.org/news/secadv/20230207.txt
OpenSSL versions 1.0.2, 1.1.1 and 3.0.0 to 3.0.7
Please note that OpenSSL version 1.0.2 has reached End-Of-Life (EOL). No security updates will be provided. Users should arrange upgrading to supported versions or migrating to other supported technology.
Successful exploitation could lead to denial of service, information disclosure or security restriction bypass on an affected system.
Patches for affected software are available. System administrators of affected systems should follow the recommendations provided by the software vendor and take immediate actions to mitigate the risk.