Canonical Fixes OpenSSL Vulnerability in Ubuntu 12.10 and Ubuntu 12.04

Users will have to update the operating system in order to fix the problem

By on March 25th, 2013 16:37 GMT

On March 25, Canonical published in a security notice details about OpenSSL vulnerability for its Ubuntu 12.10 and Ubuntu 12.04 operating systems.

According to Canonical, OpenSSL could be made to expose sensitive information over the network.

Adam Langley and Wolfgang Ettlingers discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.

For a more detailed description of the security problems, you can visit Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the latest libssl1.0.0 package, specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart will not be needed to implement the changes.

Comments