New OpenSSL vulnerability: NoTouch is NOT affected (CVE-2015-1793)

  • Published:
  • Updated:
  • Author: Stratodesk

Today, July 9th, 2015 an OpenSSL vulnerability was disclosed: CVE-2015-1793. NoTouch is not affected.

An error in the implementation of the alternative certificate chain logic could allow an attacker to cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and “issue” an invalid certificate. However, this bug was introduced in OpenSSL 1.0.1n, whereas both NoTouch OS as well as the Stratodesk Virtual Appliance use an improved version of 1.0.1f.

Thus, there is nothing to do and no update or patch is necessary.

author avatar
Stratodesk
See Full Bio

Share this

New OpenSSL vulnerability: NoTouch is NOT affected (CVE-2015-1793)

Today, July 9th, 2015 an OpenSSL vulnerability was disclosed: CVE-2015-1793. NoTouch is not affected.

An error in the implementation of the alternative certificate chain logic could allow an attacker to cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and “issue” an invalid certificate. However, this bug was introduced in OpenSSL 1.0.1n, whereas both NoTouch OS as well as the Stratodesk Virtual Appliance use an improved version of 1.0.1f.

Thus, there is nothing to do and no update or patch is necessary.

author avatar
Stratodesk
See Full Bio
The Total Cost of Ownership (TCO) for Business PCs
July 10, 2024

Organizations of every size are gearing up to invest in new IT assets this year,…

Read more
Stratodesk June 2024 Newsletter
July 9, 2024

Discover the Latest Updates from Stratodesk! Explore our latest June 2024 newsletter for all the…

Read more
NoTouch Summer 2024 Release
June 24, 2024

Welcome Summer with New Updates from NoTouch OS As we embrace the sunny month of…

Read more

Subscribe to our newsletter:

Back To Top