Vulnerability Bulletins

OpenSSL Security Advisories - November 2022


System information

   
Affected software AmazonWS

Description

Initial Publication Date: 2022/11/01 09:00 PDT AWS is aware of the recently reported issues regarding OpenSSL 3.0 (CVE-2022-3602 and CVE-2022-3786). AWS services are not affected, and no customer action is required. Additionally, Amazon Linux 1 and Amazon Linux 2 do not ship with OpenSSL 3.0 and are not affected by these issues. Customers utilizing Amazon Linux 2022, Bottlerocket OS or ECS-optimized Amazon Machine Images (AMIs) on Amazon ECS should read the instructions below. As a security

More info:

https://aws.amazon.com/security/security-bulletins/AWS-2022-008/

Standar resources

Property Value
CVE CVE-2022-3602 and CVE-2022-3786.

Version history

Version Comments Date
1.0 Advisory issued 2022-11-12
Ministerio de Defensa
CNI
CCN
CCN-CERT