ITUGLIB Update: OpenSSL 1.1.1k Critical Security Patch Released

Discussion:

(too old to reply)

Randall

2021-03-26 01:38:37 UTC

Hi Everyone,

A critical security patch to OpenSSL has been released on the ITUGLIB website. It was officially announced earlier today by OpenSSL.

This patch, 1.1.1k, fixes a problem introduced in 1.1.1h referring to CVE-2021-3450.

On Behalf of the ITUGLIB Technical Committee,
Randall Becker

Note that security fixes to 1.0.2 are no being released by ITUGLIB or the OpenSSL team through standard support channels. If you require fixes to this release, there are options available.

Randall

2021-03-26 01:49:45 UTC

Permalink

Post by Randall
Hi Everyone,
A critical security patch to OpenSSL has been released on the ITUGLIB website. It was officially announced earlier today by OpenSSL.
This patch, 1.1.1k, fixes a problem introduced in 1.1.1h referring to CVE-2021-3450.
On Behalf of the ITUGLIB Technical Committee,
Randall Becker
Note that security fixes to 1.0.2 are no being released by ITUGLIB or the OpenSSL team through standard support channels. If you require fixes to this release, there are options available.

As a reminder, the builds ITUGLIB publishes are:
J-series: Standard; PUT; SPT (32-bit with Floss)
L-series: Standard; PUT; SPT (32-bit with Floss); IEEE float (should be compatible with T2813)

Randall

2021-03-26 01:51:03 UTC

Permalink

Post by Randall

J-series: Standard; PUT; SPT (32-bit with Floss)
L-series: Standard; PUT; SPT (32-bit with Floss); IEEE float (should be compatible with T2813)

The IEEE float build should be compatible with the NS HTTP Server, although, use at your own discretion.