You are here

Home › OpenSSL Vulnerabilities Fixed in Version 1.1.1t/3.0.8

OpenSSL Vulnerabilities Fixed in Version 1.1.1t/3.0.8

Submitted on 7. February 2023 - 17:40 by rischi.
Last update on 8. February 2023 - 19:23.
IDs: 
CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217, CVE-2023-0401
Keywords: 
openssl
Description: 

OpenSSL released version 1.1.1t and 3.0.8 fixing 8 vulnerabilities [1].

Currently supported Airlock Gateway and Microgateway versions use OpenSSL 1.1.1 and 3.0.7 [2] to handle front-side/downstream TLS connections.

We are not aware of possible exploits related to the vulnerabilities.

Hotfix HF0051 for Gateway and Microgateway 3.3.1 is available to update OpenSSL.

Resolution: 

We recommend to apply the hotfixes and update Microgateway when available.

Component: 
Airlock
Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
Does not affect back-end behind Airlock
Reference: 
[1] OpenSSL Security Advisory [7th February 2023]
[2] AIRLOCK GATEWAY 8.0-HF0050
© Ergon Informatik AG