Security Alert (A23-03-15): Vulnerability in OpenSSL
27 March 2023
OpenSSL has released 1.1.1u, 3.0.9 and 3.1.1 to fix the vulnerability in various versions of OpenSSL. The details of the security update can be found at: https://www.openssl.org/news/secadv/20230322.txt
OpenSSL versions 1.0.2, 1.1.1, 3.0 and 3.1
Please note that OpenSSL version 1.0.2 has reached End-Of-Life (EOL). No security updates will be provided. Users should arrange upgrading to supported versions or migrating to other supported technology.
Successful exploitation could lead to denial of service on an affected system.
Patches for affected software are available. System administrators of affected systems should follow the recommendations provided by the software vendor and take immediate actions to mitigate the risk.