OpenSSL 1.0.2u - fixes CVE-2019-1551

wattie

Verified User
Joined
May 31, 2008
Messages
1,083
Location
Bulgaria
The changelog states that they "fixed an an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli (CVE-2019-1551)"

Sadly OpenSSL 1.0.2 will be EOL at the end of the year (sad for providers who still want to continue to support PHP 5.x). The OpenSSL team focuses in the development of version 3.0.
 

shanti

Verified User
Joined
Apr 8, 2009
Messages
54
Location
Wien / Vienna - Austria
Sadly OpenSSL 1.0.2 will be EOL at the end of the year (sad for providers who still want to continue to support PHP 5.x). The OpenSSL team focuses in the development of version 3.0.
what exactly are the impacts ? what are the bonds relating php5.9 to openssl 1.0 (or any other version like 1.1 )?
br
 
Top