Upcoming patch for a critical vulnerability in OpenSSL on November 1st

Dear self-hosters,

we are relaying this information:

OpenSSL will release a patch for a critical vulnerability on November 1st

We advise to keep a close look on this and promptly upgrade your server once the patch will be available in Debian


Thank you!

1 Like

Apparently, this vulnerability would only affect OpenSSL 3. Since debian 11 ships with OpenSSL 1.1.1, it should not be affected source. But as always, better safe than sorry.


This could affect PHP8.1 too
See OpenSSL-2022/software at main · NCSC-NL/OpenSSL-2022 · GitHub