The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
SVG:Advisory-SVG-2015-CVE-2015-3193
Jump to navigation
Jump to search
| Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
Advisory-SVG-2015-CVE-2015-3193
** WHITE information - Unlimited distribution allowed ** ** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions ** EGI SVG ADVISORY [EGI-SVG-OpenSSL-CVE-2015] Title: EGI SVG Advisory 'Low' RISK - OpenSSL announcement on 3rd December Date: 2015-12-07 Updated: URL: https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2015-CVE-2015-3193 Brief Advisory =============== OpenSSL announced several vulnerabilities on 3rd December 2015 https://www.openssl.org/news/secadv/20151203.txt SVG has looked at this announcement and considers all these vulnerabilities to be either 'Low' risk or not applicable in the EGI environment. Recommendations =============== Sites are recommended to update relevant components as part of their normal maintenance routine. Credit ====== SVG alerted to this vulnerability by Raul Lopes. Comments ======== Comments or questions should be sent to svg-rat at mailman.egi.eu We are currently revising the vulnerability issue handling procedure so suggestions and comments are welcome. Timeline ======== Yyyy-mm-dd 2015-12-03 Vulnerabilities announced by OpenSSL and SVG alerted 2015-12-04 Assessment by the EGI Software Vulnerability Group 2015-12-07 Brief advisory to sites drafted