[OmniOS-discuss] SECURITY UPDATE FOR OpenSSL & Perl; plus other fixes
Dan McDonald
danmcd at omniti.com
Tue Mar 1 18:55:42 UTC 2016
Please "pkg update" your r151006 (old LTS), r151014 (LTS), or r151016 (Stable) systems.
All of the aforementioned releases will get new versions of OpenSSL that addresses the DROWN attack (CVE-2016-0800), and an update to Perl that addresses an environment duplication attack (CVE-2016-2381).
Furthermore, r151014 & r151016 will receive OpenSSH updates that catch it up with certain SunSSH features (like GSSAPI support) that are currently in bloody. Also, r151014 will receive small SMF updates to NTP and ISC DHCP that enable auto-restart of these services upon any future software updates.
OmniOS bloody will receive a full refresh update within the next 72 hours.
NOTE that SSLv2 and MD2 support are deprecated with this update (OpenSSL 1.0.2g for r151014 and later, OpenSSL 1.0.1s for r151006).
Happy patching!
Dan
p.s. r151006 still gets security updates, but that will stop soon. I'll discuss under a separate email.
More information about the OmniOS-discuss
mailing list