[SA-0003] [SS-2403] OpenSSL vulnerability in FreeBSD 10.3-RELEASE-p17, and 11.0-STABLE

Dear valued Sippy Customer,

A security vulnerability was reported through the FreeBSD Project.  If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash.  Additional details for this security vulnerability can be found here:

The updated patched versions have been tested with Sippy Softswitch and approved for deployment since March 23rd, 2017.


Phillip Ma

Product Manager

Sippy Software

Login or Signup to post a comment