Security Advisory: OpenSSL project release OpenSSL update

Forum / General Discussions / Security Advisory: OpenSSL project release OpenSSL update

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #11205
    Britgirl
    Keymaster

    To all NoMachiners,

    The OpenSSL project has released an update of its OpenSSL packages to provide patches for recent security vulnerabilities:

    https://www.openssl.org/news/secadv/20160503.txt

    The following, taken from the list of security fixes available in OpenSSL 1.0.2h and 1.0.1t, affect NoMachine version 5 Cloud Server packages:

    – Prevent padding oracle in AES-NI CBC MAC check

    Other issues with lower severity may affect NoMachine software packages:

    – Fix EVP_EncodeUpdate overflow

    – Fix EVP_EncryptUpdate overflow

    – Prevent ASN.1 BIO excessive memory allocation

    – EBCDIC overread

     

    NoMachine 5.1.26 is now available and additionally fixes two issues in the previous version.

    For further information please consult the announcement here: https://www.nomachine.com/SU05N00101.

Viewing 1 post (of 1 total)

This topic was marked as closed, you can't post.