CVE
CVE-2015-1793
Summary
OpenSSL has released updates to address a flaw that can potentially allow an attacker cause certain checks on untrusted certificates to be bypassed.
Affected versions
OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o
Recommendation
OpenSSL 1.0.2b/1.0.2c system administrators are advised to upgrade to 1.0.2d.
OpenSSL 1.0.1n/1.0.1o system administrators are advised to upgrade to 1.0.1p.
Useful Links
https://www.openssl.org/news/secadv_20150709.txt
https://www.us-cert.gov/ncas/current-activity/2015/07/09/OpenSSL-Releases-Security-Advisory
https://access.redhat.com/solutions/1523323