Openssl Vunerability #3940
-
|
Is there any impact to td-agent with Openssl Vunerability? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment
-
|
OpenSSL versions 3.0.0 to 3.0.6 are vulnerable to this issue. On GNU/Linux, td-agent uses system's OpenSSL. On Windows and macOS, we bundle OpenSSL 1.1.1 which isn't vulnerable to this issue. |
Beta Was this translation helpful? Give feedback.
OpenSSL versions 3.0.0 to 3.0.6 are vulnerable to this issue.
https://mta.openssl.org/pipermail/openssl-announce/2022-November/000243.html
On GNU/Linux, td-agent uses system's OpenSSL.
OpenSSL package of RHEL 9 and Ubuntu 22.04 are v3, so they are affected.
Please upgrade your OpenSSL pacakge if you use td-agent on such systems.
OpenSSL package of RHEL 7, RHEL 8, Amazon Linux 2, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Debian buster, Debian bullseye are v1.1.1,
so that they aren't vulnerable to this issue.
On Windows and macOS, we bundle OpenSSL 1.1.1 which isn't vulnerable to this issue.