[tor-relays] Recommendation: Upgrade your OpenSSL!

Nick Mathewson nickm at torproject.org
Thu Jun 11 18:30:35 UTC 2015

Hi, relay operators!

There have been a series of new openssl releases today: 0.9.8zg,
1.0.0s, 1.0.1n, and 1.0.2b.

They fix a set of security issues described in this announcement:

Since some of these issues could allow a remote denial-of-service
attack, I would suggest that everybody should upgrade as OpenSSL
packages become available for your operating systems.   If you build
OpenSSL from source, now's a good time to rebuild.  You probably don't
need to run in circles freaking out, or anything -- just upgrade when
you can.

Also, if you can possibly avoid it, it would be a good idea to stop
using the OpenSSL 0.9.8 series entirely.  It's old and crufty and is
missing many security improvements in later versions.  OpenSSL 0.9.8
will not be supported in Tor or later.

best wishes, and many thanks!
Nick Mathewson

More information about the tor-relays mailing list