This post covers 2022-10-24 to 2022-10-31.
Vulnerabilities#
Critical OpenSSL Release#
OpenSSL published a notification for a security-fix release. This update will include a Critical vulnerability for OpenSSL 3.0.x. No additional information or CVE number was published. The details will be made public on November 1st between 13 and 17 UTC. Let’s hope this is not another Heartbleed.
NCSC-NL collected information available so far. Prior to the publication potentially impacted components should identified to be able to act quickly.