In previous publications (1,2) we mentioned one vulnerability στο OpenSSL. Σήμερα οι προγραμματιστές της βιβλιοθήκης κώδικα, ανακοίνωσαν μια νέα version which fixes the security gap.
According to the developers they were fixed
1-11-22 | CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows |
1-11-22 | Security Advisory: two high severity fixes |
1-11-22 | OpenSSL 3.0.7 is now available, including bug and security fixes |
1-11-22 | OpenSSL 1.1.1s is now available, including bug fixes |
Version 3.0.7 fixes older versions 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6.
For those who don't know OpenSSL is a widely used code library designed to enable secure communication over the internet.
Simply put, every time we browse the webnetwork, the website we browse or the online service we access uses OpenSSL at a very basic level.
All of this means you should update immediately. If you are not a system administrator you do not need to do anything. Just wait until the operating system or software you are using releases one information.
The term "library" means that the application is used as is by many applications and operating systems.