The OpenSSL Project Team has announced that the November 1st update to OpenSSL 3.0.7 is a security-fix release. “The highest severity issue fixed in this release is CRITICAL,” the notice states.
That means “come Nov. 1, everyone — and I mean everyone — will need to patch OpenSSL 3.x,” says Steven J. Vaughan-Nichols.
If you're a Linux user, he notes, you can see which version you’re using by running the following shell command:
# openssl version
“If you're using anything with OpenSSL 3.x in — anything — get ready to patch on Tuesday. This is likely to be a bad security hole, and exploits will soon follow,” Vaughan-Nichols says.
Read more at ZDNet and see the updated advisory for the latest details.
Comments