ELA-484-1 openssl security update

alternate chains verification

2021-09-18
Packageopenssl
Version1.0.1t-1+deb8u15


OpenSSL, a cryptography library for secure communication, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let’s Encrypt certificates, starting 2021-10-01.



For Debian 8 jessie, these problems have been fixed in version 1.0.1t-1+deb8u15.

We recommend that you upgrade your openssl packages.

Further information about Extended LTS security advisories can be found at: debian Extended Long term support