/tags/openssl/ Recent content in Openssl on Flatcar Container Linux Hugo en-us Copyright © The Flatcar Project Contributors. Copyright © Flatcar a Series of LF Projects, LLC. For website terms of use, trademark policy and other project policies please see <a href="https://lfprojects.org/policies/">lfprojects.org/policies</a>. Mon, 07 Nov 2022 14:00:00 +0200 /blog/2022/11/about-the-handling-of-embargoed-security-issues/ Mon, 07 Nov 2022 14:00:00 +0200 /blog/2022/11/about-the-handling-of-embargoed-security-issues/ <p><strong>TL; DR</strong>: Flatcar is safe against recent OpenSSL vulnerabilities</p> <p>With the recent OpenSSL vulnerabilities <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-3786" target="_blank" rel="noopener">CVE-2022-3786</a> and <a href="https://nvd.nist.gov/vuln/detail/CVE-2022-3602" target="_blank" rel="noopener">CVE-2022-3602</a> , the Flatcar team has provided as soon as possible a batch of releases for impacted Flatcar channels (all except LTS which is not impacted). Releases have been published within one hour after the official public <a href="https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/" target="_blank" rel="noopener">announcement</a> and users were able to secure their workloads almost immediately without unexpected turbulences as the releases included only minimal changes to address the security issues.</p>