AOSA-2017-0009: Update OpenSSL
February 6, 2017
Please update your
openssl+32 package to version
A recently released version of OpenSSL libraries and tools has addressed the following security vulnerabilities:
- Truncated packet could crash via OOB (out-of-bounds) read (CVE-2017-3731).
BN_mod_expmay produce incorrect results on
- Montgomery multiplication may produce incorrect results (CVE-2016-7055).