Dear self-hosters,
we are relaying this information:
OpenSSL will release a patch for a critical vulnerability on November 1st
We advise to keep a close look on this and promptly upgrade your server once the patch will be available in Debian
12 Likes
Thank you!
1 Like
Apparently, this vulnerability would only affect OpenSSL 3. Since debian 11 ships with OpenSSL 1.1.1, it should not be affected source. But as always, better safe than sorry.
3 Likes
This could affect PHP8.1 too
See OpenSSL-2022/software at main · NCSC-NL/OpenSSL-2022 · GitHub