ELA-484-1 openssl security update

alternate chains verification


OpenSSL, a cryptography library for secure communication, fails to validate alternate trust chains in some conditions. In particular this breaks connecting to servers that use Let’s Encrypt certificates, starting 2021-10-01.

For Debian 8 jessie, these problems have been fixed in version 1.0.1t-1+deb8u15.

We recommend that you upgrade your openssl packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.