OpenSSL: bumped to 1.1.1n for DoS vulnerability

It's been mentioned in various places in the press (e.g. here), and the advisory is here.

The fix for our repository was pushed last week.

Since a number of popular solutions (e.g. OpenVPN) use it, and since the threshold for exploitation seems trivial, I thought it worth mentioning here. I know it's not generally advised to upgrade packages, but this one is probably warranted.

1 Like