![]() ![]() This release has attracted a lot of attention because this is only the second time the OpenSSL team has marked an issue CRITICAL since it introduced its issue severity criteria in 2014. ![]() Given the number of changes in 3.0 and the lack of any other context information, such scouring is very highly unlikely. That's our policy to provide folks with a date they know to be ready to parse an advisory and see if the issue affects them. This advance notice is designed to give a little time for organisations and individuals to get themselves ready for the upcoming critical update: A separate release for that branch of the software, version 1.1.1, is scheduled for the same day but it is a bug fix and is not related to this issue. Versions starting with a 1 are unaffected. The release, version 3.0.7, will address a critical vulnerability for all versions of the software starting with a 3. A fix for a critical issue in OpenSSL is on the way, announced in advance of its release on November 1, 2022, in a four hour window between 13:00 UTC and 17:00 UTC.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |