OpenSSL CVE-2017-3735 Buffer Overflow Vulnerability
Description
Severity: LowThis issue was previously announced in security advisoryhttps://www.openssl.org/news/secadv/20170828.txt, but the fix has not previouslybeen included in a release due to its low severity.OpenSSL 1.1.0 users should upgrade to 1.1.0gOpenSSL 1.0.2 users should upgrade to 1.0.2mNoteSupport for version 1.0.1 ended on 31st December 2016. Support for versions0.9.8 and 1.0.0 ended on 31st December 2015. Those versions are no longerreceiving security updates.ReferencesURL for this Security Advisory:https://www.openssl.org/news/secadv/20171102.txtNote: the online version of the advisory may be updated with additional detailsover time.For details of OpenSSL severity classifications please see:https://www.openssl.org/policies/secpolicy.html
Affected Applications
OpenSSL