Critical OpenSSL Vulnerability CVE-2015-1793 Affects Linux Distros
A high-severity vulnerability, CVE-2015-1793, has been discovered in certain versions of OpenSSL. This allows certificate forgery and affects various Linux distributions and OpenSSL versions. Users are urged to upgrade to patched versions.
The OpenSSL team has announced a fix for the vulnerability, which impacts OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o. Users of OpenSSL 1.0.2b/1.0.2c should upgrade to 1.0.2d, while those using 1.0.1n/1.0.1o should update to 1.0.1p.
RedHat products and Debian stable and old stable versions are not affected. However, Debian 'testing' and 'unstable' versions, as well as Ubuntu 12.04LTS, 14.04LTS, 14.10LTS, 15.04, and 15.10, and OpenSUSE 13.1, 13.2, and Tumbleweed distributions are vulnerable and should be updated. Organizations and developers are advised to upgrade to the latest patched versions to minimize risk. Qualys has released QID 38104 for more information on this check.
In summary, the CVE-2015-1793 vulnerability affects specific OpenSSL versions and certain Linux distributions. Users are strongly encouraged to upgrade to the latest patched versions to ensure the security of their systems.
Read also:
- Trump and Xi speak over the phone, according to China's confirmation.
- Prices of transit tickets in Berlin and Brandenburg are on the rise
- Linde Wins Major Engineering Design Contract for Equinor's Low Carbon Hydrogen Project at H2H Saltend, Progressing Towards a Greener Future
- Economic Growth of Nitric Acid for Electronic Applications Anticipated to Reach 5.8% by 2034
