store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Mon Feb 20, 2017 12:01 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 1 post ] 
Author Message
 Post subject: OpenSSL Security Advisory [26 Sep 2016]
Unread postPosted: Mon Sep 26, 2016 12:57 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3981
Location: Chantilly, VA
ASL customers are not effected by these OpenSSL vulnerabilities. Please see this URL for details, or the summary below:

https://www.openssl.org/news/secadv/20160926.txt

Fix Use After Free for large message sizes (CVE-2016-6309) - This could lead to remote code execution on effected systems. ASL systems are already protected from this class of attack.

Missing CRL sanity check (CVE-2016-7052) - This could cause the application to crash, however platforms that use ASL are not using the effected version of OpenSSL.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to: