octave-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Octave-bug-tracker] [bug #63876] [MXE Octave] OpenSSL vulnerability

From: anonymous
Subject: [Octave-bug-tracker] [bug #63876] [MXE Octave] OpenSSL vulnerability
Date: Wed, 8 Mar 2023 05:12:06 -0500 (EST) 
Follow-up Comment #5, bug #63876 (project octave):

I have installed Octave 8.1 and the version of OpenSSL it uses (3.0.7) also
has a critical CVE:

CVE-2022-4203

https://nvd.nist.gov/vuln/detail/CVE-2022-4203

Advisory from OpenSSL is in here:
https://www.openssl.org/news/secadv/20230207.txt

Is there any issue with manually patching by simply dropping a new openssl.exe
replacement (OpenSSL 3.0.8) at:
GNU Octave\Octave-8.1.0\usr\bin\openssl.exe

Should I open a new bug for this?


    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?63876>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/
reply via email to
[Prev in Thread] Current Thread [Next in Thread]