[security-announce] Today openssl security release
Hi folks, The OpenSSL team has just announced a new round of security releases. http://openssl.org/news/secadv_20150319.txt Foremost: Do Not Panic. While the advisory lists 12 fixes, only 2 of them are rated "High". The first fix rarted"High", CVE-2015-0291, affects only openssl 1.0.2, which we have not yet included in any of our codestreams or products, making us not affected. The second fix rated "High", CVE-2015-0204, is a changed rating for an already fixed security vulnerability. We have released fixes for this in January 2015: https://www.suse.com/security/cve/CVE-2015-0204.html All other new issues disclosed today are rated "Moderate" and "Low" by the OpenSSL team. We are currently releasing the first updates and wrapping up QA on the the others, so you will get fixed packages today (in some hours) or tomorrow. Ciao, Marcus
participants (1)
-
Marcus Meissner