Wednesday 25 August 2021
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
What you need to know:
The OpenSSL Project has announced the release of OpenSSL 1.1.1l to address a buffer overflow related to SM2 decryption (CVE-2021-3711), which could allow an attacker to crash an application or change its behaviour.
OpenSSL versions prior to 1.1.1
Actions to be taken:
Administrators are advised to update to the latest version.