Skip to content

Bump OpenSSL component to 3.0.14 #9382

New issue
New issue
Closed
Closed
Bump OpenSSL component to 3.0.14#9382
Labels
maintenanceMaintenance chores are excluded from changelogstriagedJira issue has been created for this
@cthorn42

Description

@cthorn42
cthorn42
opened on Jun 5, 2024

OpenSSL released a new version that has a few security fixes that affect the 3.0.x series we use. We're currently on 3.0.13 with the OpenSSL we package together for the latest puppet-agent.
Those CVEs that will be fixed by updating to OpenSSL 3.0.14 are: CVE-2024-4741 CVE-2024-4603 CVE-2024-2511
All of those are rated 'low', so there isn't an critical need to have this patched right away.

Metadata

Metadata

Assignees

No one assigned

    Labels

    maintenanceMaintenance chores are excluded from changelogstriagedJira issue has been created for this

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions