We have released a new version of WebCrossing with a security update for OpenSSL.
Updated OpenSSL to version 1.1.1q. Major changes include:
Techie-talk: In addition to the c_rehash shell command injection identified in CVE-2022-1292, further bugs where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection have been fixed. Also other updates since the last SSL upgrade we built. If you use SSL (https) for your site we recommend always using the latest build. For our hosted customers, we will do the server updates for your site.
If you are a self-hosted customer and have a valid support and maintenance contract, please contact support for access to the latest WebCrossing build. If your support and maintenance contract has expired, please contact us to renew so we can provide you with this update.
The latest build is now WebCrossing 6.4-ff5a198 2022-10-19.