OpenSSL CVE-2022-3786 and CVE-2022-3602

The OpenSSL CVEs announced today are rated MEDIUM on SmartOS, affecting only curl, wget, and openldap clients against untrusted or MITM’d servers.

This Thursday’s SmartOS release will include OpenSSL 3.0.7. This week’s release platform image, while not a Triton release, will also be added to the release and support channels, once available.

Further detail available here