With the recent SSL Library announcement SSL plans on releasing a patch tomorrow at 1PM. Will Peplink have a patch released this week base on this? If not, when will the patch be available?
Thank you,
- Coros
1 Like
Hi Coros, can you share me more info about this announcement or any CVE info? Let me do verification at my side.
I receive questions from clients about hugh vulnerability in OpenSSL 3.
I was going to post in here about the same as we are receiving a notice from our security team about the same CVE info.
We’re running a FusionHub instance on AWS and it’s been identified as potentially running OpenSSL 3.0 which will need to be patched.
If we are talking about CVE-2022-3602, then the status is here. We are not affected since we are on OpenSSL 1.1.1.
Ref - https://www.openssl.org/news/secadv/20221101.txt
1 Like
Thanks Eddy!
Is there any documentation or supporting statement showing installed library is on 1.1.1.
This would be for us to present to our security team if they ask.