OpenSSL CVE-2022-3602 vulnerabilities I found in ECS containers

Please check the OpenSSL Security Advisory post for November 2022 that we published. In here you will find links to rectify OpenSSL vulnerabilities for ECS.

The recommended fix for both CVE-2022-3602 and CVE-2022-3786 is to update OpenSSL to version 3.0.7.

Depending on the Container OS that you are using, it will have different packages versions to update. For example, Ubuntu 22.04 users can upgrade the “openssl” package to version 3.0.2-0ubuntu1.7. Red Hat Enterprise Linux 9 users can upgrade the “openssl” package to version openssl-3.0.1-43.el9_0