AOSA-2016-0004: update OpenSSL to 1.0.2i
September 24, 2016
Please update your openssl
and openssl+32
(AMD64/x86_64 only) package to 1.0.2i.
OpenSSL has recently released version 1.0.2i which fixed an array of security vulnerabilities, along with a security advisory (attached below).
A complete list of CVEs fixed in this update is listed as follows:
CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-6302, CVE-2016-6303, CVE-2016-6305, CVE-2016-6306.
Relevant documentation: