CVE-2022-3602 and CVE-2022-3786 Critical OpenSSL 3.0.x security vulnerabilities

Turritopsis Dohrnii Teo En Ming tdtemccnp at gmail.com
Wed Nov 2 06:48:42 UTC 2022


Subject: CVE-2022-3602 and CVE-2022-3786 Critical OpenSSL 3.0.x security
vulnerabilities

Good day from Singapore,

I refer to the following posts.

[1] OpenSSL Gives Heads Up to Critical Vulnerability Disclosure, Check
Point Alerts Organizations to Prepare Now
Link:
https://blog.checkpoint.com/2022/10/30/openssl-gives-heads-up-to-critical-vulnerability-disclosure-check-point-alerts-organizations-to-prepare-now/

[2] 2022 OpenSSL vulnerability - CVE-2022-3602 - Spooky SSL
Link: https://github.com/NCSC-NL/OpenSSL-2022

[3] VMware Response to CVE-2022-3602 and CVE-2022-3786: vulnerabilities in
OpenSSL 3.0.x
Link:
https://blogs.vmware.com/security/2022/11/vmware-response-to-cve-2022-3602-and-cve-2022-3786-vulnerabilities-in-openssl-3-0-x.html

I have 2 internet-facing CentOS 7.9 Linux servers in Europe.

Are the patches available already? How do I patch OpenSSL on my CentOS 7.9
Linux servers?

Thank you.

Regards,

Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
Blogs:
https://tdtemcerts.blogspot.com
https://tdtemcerts.wordpress.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221102/353ce02d/attachment-0001.htm>


More information about the openssl-users mailing list