OpenSSL Exploits Fixed in All Supported Ubuntu OSes

Users just have to update the operating system in order to repair the problem

By on February 21st, 2013 14:42 GMT

On February 20, Canonical published in a security notice details about OpenSSL vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems.

According to Canonical, several security issues have been fixed in OpenSSL.

It was discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.

For a more detailed description of the security problems, you can visit Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the latest libssl package, specific to each distribution. To apply the update, run the Update Manager application.

After a standard system update, you need to reboot your computer to make all the necessary changes.

Comments