Share with friends and colleagues on social media

A new vulnerability in OpenSSL has been discovered — specifically only if you are running OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.  This vulnerability relates to certificate validation, and could allow an attacker to bypass that validation.

That’s the bad news.

The good news is that no releases of SUSE Linux Enterprise (or openSUSE) are affected by this vulnerability.

I repeat: If you are running SUSE Linux Enterprise your system is not impacted by this issue.

If you are, however, running a different system — and are currently using one of the vulnerable versions of OpenSSL — you have a few options for securing your system.  Either by upgrading to OpenSSL 1.0.1p or 1.0.2d, which will address the issue.  Or install SUSE Linux Enterprise.

Share with friends and colleagues on social media
Tags: , ,
Category: Enterprise Linux, SUSE Linux Enterprise
This entry was posted Thursday, 9 July, 2015 at 11:47 am
You can follow any responses to this entry via RSS.

Leave a Reply

Your email address will not be published. Required fields are marked *

No comments yet