Back
-
Platform
BackManage PKI and Certificate Risk in One Place
-
Solutions
BackThe Smarter Way to Manage Certificate LifecyclesSoftware Supply Chain Security
Protect your entire software supply chain with automated tools
- Buy
-
Company
BackManage PKI and Certificate Risk in One Place
-
Resources
Back
- Support
- Contact us
- Language
This morning, OpenSSL released six security patches—versions 1.0.2b, 1.0.1n, 1.0.0s, and 0.9.8zg—for new security vulnerabilities discovered in OpenSSL. These patches fix six vulnerabilities: five are rated moderate risk and one is classified as low risk.
For a full list, see the OpenSSL advisory.
None of these bugs affects SSL Certificates; no action related to certificate management is required.Administrators should update their instances of OpenSSL:
- OpenSSL 1.0.2 users should upgrade to 1.0.2b
- OpenSSL 1.0.1 users should upgrade to 1.0.1n
- OpenSSL 1.0.0d (and below) users should upgrade to 1.0.0s
- OpenSSL 0.9.8r (and below) users should upgrade to 0.9.8zg
Source code is available for the OpenSSL patches here.
Keeping OpenSSL Secure
As part of the industry's refocus on strengthening the security in the cores services that multitude organizations rely on, OpenSSL continues to discover and then patch vulnerabilities in the OpenSSL framework. This process of finding and fixing is needed for long-term security and to keep the projects strong and hopefully, to patch these vulnerabilities before attackers can deduce ways to take advantage of them. Although the time and energy required to apply the patches can frustrate even the most dedicated system admin, these steps are needed to keep the OpenSSL code secure now and for years to come.
Featured Stories
-
The most-trusted global provider of high-assurance TLS/SSL, PKI, IoT and signing solutions.
-
-
© 2025 DigiCert, Inc. All rights reserved.
Legal Repository Audits & Certifications Terms of Use Privacy Center Accessibility Cookie Settings