Simon_Waters_13
Mar 19, 2015Cirrostratus
Today's OpenSSL vulnerabilities - what are best channels for updates?
OpenSSL have given heads-up on release of high severity issue between 11am and 3pm today.
Have F5 been given advanced notice on these issues? e.g. Do they expect to issue a fix immediately the issues are made public?
What are the best channels for getting any information updates from F5 on this issue?
I'm already on the security announce email list, and following on twitter.
Appreciate F5 are in a tricky position because they can't simply roll vendor OpenSSL packages to clients, and in many cases there is more engineering to do to even establish when it is a problem.
On the other-hand we are all be getting quite good at this urgent patching malarky :(