The OpenSSL project team will be patching a high severity bug this Thursday, July 9. The OpenSSL project team will announce the forthcoming release of OpenSSL versions 1.0.2d and 1.0.1p. These releases will fix a single security defect classified as “high” severity. It should be noted that this defect does not affect the 1.0.0 or 0.9.8 releases. According to OpenSSL’s security policy, “high-severity” flaws are those that affect common configurations and are likely to be exploitable. These can range from server denial-of-service to significant leak of server memory to remote code execution. This type of a pre-announcement is intended to give organizations a chance to prepare.
Info Security Magazine
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street