You are here
OpenSSL Vulnerabilities Fixed in Version 1.1.1q
Submitted on 7. July 2022 - 20:03 by rischi.
Last update on 7. July 2022 - 20:08.
Last update on 7. July 2022 - 20:08.
IDs:
CVE-2022-2097, CVE-2022-2274
Keywords:
openssl
Description:
OpenSSL released version 1.1.1q fixing one vulnerabilitiy [1].
All currently supported Airlock Gateway versions use OpenSSL 1.1.1 to handle TLS connections.
No action required for Airlock Gateway
Details:
-
CVE-2022-2097 Affects Offset Code Book (OCB) mode which is not used for TLS.
The second vulnerability CVE-2022-2274 affects OpenSSL version 3 only, which is not yet used by Airlock Gateway.
Component:
Airlock
Airlock Vulnerability Status:
Does not affect Airlock
Back-end Vulnerability Status:
Does not affect back-end behind Airlock
Reference: