Worried about the vulnerabilities recently found in OpenSSL versions 3.0.0 - 3.0.6.
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Nov 3 02:20:05 UTC 2022
On Wed, Nov 02, 2022 at 11:17:31PM +0000, Steven_M.irc via openssl-users wrote:
> I'm really worried about the vulnerabilities recently found in OpenSSL
> versions 3.0.0 - 3.0.6.
Just upgrade any affected systems and you'll be fine.
> If I understand things correctly (and please do correct me if I'm
> wrong), it doesn't matter which version of OpenSSL clients are
> running, only which version of OpenSSL *servers* are running.
Your information source is either wrong or misleading. The only
software version that matters is the one your system is running,
whether client or server.
--
Viktor.
More information about the openssl-users
mailing list