Vulnerability in openssl 1.1.1h-j

[StR]

@RMerlin
Just in case: Openssl has announced today two "high-severity" vulnerabilities that are present in 1.1.1h-1.1.1j. 1.1.1k fixes both of them.
From reading the changelog, I am concluding that both 386.1 and 386.1_2 are affected,

The current 386.2 Beta with its 1.1.1j should be affected too. I wonder if it is not too late to update to 1.1.1k in it.

 

[Datalink]

Already done earlier today:

Commits · RMerl/asuswrt-merlin.ng

Third party firmware for Asus routers (newer codebase) - Commits · RMerl/asuswrt-merlin.ng

github.com

 

[dave14305]

You gotta wake up pretty early to out-wizard RMerlin.

 

[RMerlin]

I've known for a few days that the release would land today. One of the two bugs it fixes should not affect routers, the other one I'm not sure, the worst it could do is potentially cause a crash.

 

[StR]

Wonderful! Thank you!
I was guessing you'd be informed.

 

[XIII]

Reported that on Monday: https://www.snbforums.com/threads/a...ta-is-now-available.71038/page-24#post-675637

Glad to see it's already updated. Thanks!