Security Advisory: OpenSSL update released

Forum / General Discussions / Security Advisory: OpenSSL update released

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #10400
    Britgirl
    Keymaster

    To all NoMachiners,

    The OpenSSL project has released an update of its OpenSSL packages to consolidate previous fixes and provide patches for recent security vulnerabilities:

    https://www.openssl.org/news/openssl-1.0.1-notes.html

    From the list of security fixes available in OpenSSL 1.0.1s, the following may affect NoMachine version 5 packages:

    – Fix a double-free in DSA code (CVE-2016-0705)
    – Disable SRP fake user seed to address a server memory leak
    (CVE-2016-0798)
    – Fix memory issues in BIO_*printf functions (CVE-2016-0799)
    – Fix side channel attack on modular exponentiation (CVE-2016-0702)

    All NoMachine users are advised to update their client and server installations with this latest NoMachine release, 5.1.9, which contains the updated OpenSSL components.

    Complete security advisory is available here: https://www.nomachine.com/SU07N00100

    Additionally, this release fixes an installation issue affecting 5.1.7 on Mac OS X.

    https://www.nomachine.com/TR03N06563

    Updates to version 4 are also available. Please see here for further information:
    https://www.nomachine.com/SU08N00100.

Viewing 1 post (of 1 total)

This topic was marked as closed, you can't post.