{"id":1689,"date":"2016-03-01T22:26:37","date_gmt":"2016-03-01T19:26:37","guid":{"rendered":"https:\/\/sobbayi.com\/?p=1689"},"modified":"2016-03-01T22:26:37","modified_gmt":"2016-03-01T19:26:37","slug":"openssl-1-0-2g-1-0-1s-released","status":"publish","type":"post","link":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/","title":{"rendered":"OpenSSL 1.0.2g and 1.0.1s Have Been Released"},"content":{"rendered":"

OpenSSL 1.0.2g and OpenSSL 1.0.1s are now available for download. These updates have been anticipated since they were announced on February 25, 2016, as they are termed critical and require updates as soon as possible.<\/p>\n

These updates address several bug issues and some critical security fixes as well. The new versions of OpenSSL are available for immediate download as of March 1, 2016.<\/p>\n

What is new in OpenSSL 1.0.2g and OpenSSL 1.0.1s?<\/h2>\n

Before we mention what is significant about these two updates it is good to know what the difference is. OpenSSL 1.0.2g is a long-term support release (LTS). The support is covered until December 31, 2019. As for OpenSSL 1.0.1s, this s simply a security and bug fix update. The end-of-life for this version is scheduled for December 31, 2016.<\/p>\n

Both of these OpenSSL versions address a vulnerability in the SSLv2 and therefore it has disabled the SSLv2 protocol by default, as well as removed the SSLv2 EXPORT ciphers.<\/p>\n

The use of SSLv2 has been discouraged for a while now in favor of TLS 1.2. The revelations that a new vulnerability has been discovered in the said protocol just goes to cement what has been common knowledge about the now weak SSL protocol. According to OpenSSL, a cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites. This issue can be avoided by having server administrators disable the SSLv2 protocol in all their SSL\/TLS servers.<\/p>\n

OpenSSL 1.0.2g and OpenSSL 1.0.1s will not build SSLv2 anymore unless explicitly expressed via\u00a0enable-ssl2<\/span> . If built with SSLv2 again the user will have to explicitly enable SSLv2 so as to use it on their server.<\/p>\n

Other types of bugs found and fixed include some that potentially allow DoS attacks, memory leaks or memory corruption. That also includes heap corruption issues. OpenSSL was plagued with a severe bug known as the Heartbleed bug. Heartbleed is a security a buffer over-read bug that was disclosed in April 2014 affecting the OpenSSL cryptography library and results from improper input validation on the client or server side.<\/p>\n

OpenSSL strongly recommends all users to immediately update their existing deployments to OpenSSL 1.0.2g or OpenSSL 1.0.1s. You can get the downloads of these critical updates here<\/a>. Updates can also be made directly from various platform distros.<\/p>\n

Ref:
\nhttps:\/\/www.openssl.org\/news\/secadv\/20160301.txt<\/a>
\nhttps:\/\/www.openssl.org\/news\/newslog.html<\/a><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

OpenSSL 1.0.2g and OpenSSL 1.0.1s are now available for download. These updates have been anticipated since they were announced on February 25, 2016, as they are termed critical and require…<\/p>\n","protected":false},"author":1,"featured_media":7305,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25,13,28,16],"tags":[304,320,397,428,526,555,587,636],"yoast_head":"\nOpenSSL 1.0.2g and 1.0.1s are now Available for Download<\/title>\n<meta name=\"description\" content=\"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenSSL 1.0.2g and 1.0.1s are now Available for Download\" \/>\n<meta property=\"og:description\" content=\"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities\" \/>\n<meta property=\"og:url\" content=\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\" \/>\n<meta property=\"og:site_name\" content=\"Brightwhiz.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/brightwhiz\/\" \/>\n<meta property=\"article:published_time\" content=\"2016-03-01T19:26:37+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Bright\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:site\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Bright\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\"},\"author\":{\"name\":\"Michael Bright\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\"},\"headline\":\"OpenSSL 1.0.2g and 1.0.1s Have Been Released\",\"datePublished\":\"2016-03-01T19:26:37+00:00\",\"dateModified\":\"2016-03-01T19:26:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\"},\"wordCount\":403,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg\",\"keywords\":[\"HTTP\",\"Internet\",\"Networking\",\"OpenSSL\",\"Security\",\"SSL\",\"TLS\",\"Web Applications\"],\"articleSection\":[\"Libraries\",\"News\",\"Software\",\"Technology\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\",\"url\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\",\"name\":\"OpenSSL 1.0.2g and 1.0.1s are now Available for Download\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg\",\"datePublished\":\"2016-03-01T19:26:37+00:00\",\"dateModified\":\"2016-03-01T19:26:37+00:00\",\"description\":\"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities\",\"breadcrumb\":{\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg\",\"width\":1200,\"height\":630,\"caption\":\"OpenSSL 1.0.2g Security Mona Lisa\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/local.brightwhiz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpenSSL 1.0.2g and 1.0.1s Have Been Released\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/local.brightwhiz\/#website\",\"url\":\"http:\/\/local.brightwhiz\/\",\"name\":\"Brightwhiz.com\",\"description\":\"Best Tech guides, Tutorials, and News\",\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/local.brightwhiz\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/local.brightwhiz\/#organization\",\"name\":\"Brightwhiz\",\"url\":\"http:\/\/local.brightwhiz\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"width\":706,\"height\":135,\"caption\":\"Brightwhiz\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/brightwhiz\/\",\"https:\/\/twitter.com\/brightwhizmag\",\"https:\/\/instagram.com\/bright_whiz\/\",\"https:\/\/www.pinterest.com\/sobbayi\/\",\"https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\",\"name\":\"Michael Bright\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"caption\":\"Michael Bright\"},\"sameAs\":[\"https:\/\/sobbayi.com\"],\"url\":\"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpenSSL 1.0.2g and 1.0.1s are now Available for Download","description":"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/","og_locale":"en_US","og_type":"article","og_title":"OpenSSL 1.0.2g and 1.0.1s are now Available for Download","og_description":"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities","og_url":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/","og_site_name":"Brightwhiz.com","article_publisher":"https:\/\/www.facebook.com\/brightwhiz\/","article_published_time":"2016-03-01T19:26:37+00:00","og_image":[{"width":1200,"height":630,"url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg","type":"image\/jpeg"}],"author":"Michael Bright","twitter_card":"summary_large_image","twitter_creator":"@brightwhizmag","twitter_site":"@brightwhizmag","twitter_misc":{"Written by":"Michael Bright","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#article","isPartOf":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/"},"author":{"name":"Michael Bright","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32"},"headline":"OpenSSL 1.0.2g and 1.0.1s Have Been Released","datePublished":"2016-03-01T19:26:37+00:00","dateModified":"2016-03-01T19:26:37+00:00","mainEntityOfPage":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/"},"wordCount":403,"commentCount":0,"publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"image":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg","keywords":["HTTP","Internet","Networking","OpenSSL","Security","SSL","TLS","Web Applications"],"articleSection":["Libraries","News","Software","Technology"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#respond"]}]},{"@type":"WebPage","@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/","url":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/","name":"OpenSSL 1.0.2g and 1.0.1s are now Available for Download","isPartOf":{"@id":"http:\/\/local.brightwhiz\/#website"},"primaryImageOfPage":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage"},"image":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg","datePublished":"2016-03-01T19:26:37+00:00","dateModified":"2016-03-01T19:26:37+00:00","description":"New versions namely OpenSSL 1.0.2g and OpenSSL 1.0.1s are have been released now Available for Download. They both address critical security vulnerabilities","breadcrumb":{"@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#primaryimage","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2016\/03\/openssl-1.0.2g-security-mona_lisab.jpg","width":1200,"height":630,"caption":"OpenSSL 1.0.2g Security Mona Lisa"},{"@type":"BreadcrumbList","@id":"http:\/\/local.brightwhiz\/openssl-1-0-2g-1-0-1s-released\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/local.brightwhiz\/"},{"@type":"ListItem","position":2,"name":"OpenSSL 1.0.2g and 1.0.1s Have Been Released"}]},{"@type":"WebSite","@id":"http:\/\/local.brightwhiz\/#website","url":"http:\/\/local.brightwhiz\/","name":"Brightwhiz.com","description":"Best Tech guides, Tutorials, and News","publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/local.brightwhiz\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"http:\/\/local.brightwhiz\/#organization","name":"Brightwhiz","url":"http:\/\/local.brightwhiz\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","width":706,"height":135,"caption":"Brightwhiz"},"image":{"@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/brightwhiz\/","https:\/\/twitter.com\/brightwhizmag","https:\/\/instagram.com\/bright_whiz\/","https:\/\/www.pinterest.com\/sobbayi\/","https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ"]},{"@type":"Person","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32","name":"Michael Bright","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","caption":"Michael Bright"},"sameAs":["https:\/\/sobbayi.com"],"url":"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/"}]}},"_links":{"self":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/1689"}],"collection":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/comments?post=1689"}],"version-history":[{"count":0,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/1689\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media\/7305"}],"wp:attachment":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media?parent=1689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/categories?post=1689"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/tags?post=1689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}