xCAT/xcat-core
2
0
Fork 0
mirror of https://github.com/xcat2/xcat-core.git synced 2025-05-22 03:32:04 +00:00
Code Issues Releases Wiki Activity
xcat-core/docs/source/security/2015/20150324_openssl.rst
Victor Hu b90fe27096 Created the security notices that were on SF for 2015 into the xCAT 
documentation so we can clean up the GitHub Wiki to remove security
notices from that location. I think saving the last 2 years is sufficient
and probably should get removed over time.
2016-08-18 09:29:42 -04:00

13 lines
555 B
ReStructuredText
Raw Blame History

2015-03-24 - OpenSSL Vulnerabilities
====================================
OpenSSL 1.0.2 introduced the "multiblock" performance improvement. This feature only applies on 64 bit x86 architecture platforms that support AES NI instructions. A defect in the implementation of "multiblock" can cause a segmentation fault within OpenSSL, thus enabling a potential DoS attack.
This issue affects OpenSSL version: 1.0.2
Action
------
xCAT uses OpenSSL for client-server communication but **does not** ship it. Please upgrade OpenSSL to 1.0.2a or higher.
Reference in New Issue View Git Blame Copy Permalink