OpenSSL CCS Injection Security Alert (CVE-2014-0224)
Red Hat has released a new security advisory and tooling to help protect customers from OpenSSL's CCS Injection vulnerability (CVE-2014-0224). The vulnerability poses a threat for potential man-in-the-middle-attacks in certain situations. Variants of the following products can be affected:
- Red Hat Enterprise Linux
- Red Hat Storage
- Red Hat Enterprise Virtualization
- Red Hat JBoss Enterprise Application Platform
- Red Hat JBoss Web Server
- Red Hat JBoss Web Platform
In order to avoid impact, you should update to the newest version of OpenSSL available for their product. For additional details, see Information on CVE-2014-0224.
Red Hat Access Labs has released the CCS Injection Detector to help you validate your systems have been patched against this vulnerability.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
