OpenSSL Patch

By Ed Ropple

Render is a unified, full-stack development platform where you define what’s possible. Whether you’re a solo developer, growing startup, or established enterprise, Render provides just what you need to bring your ideas to life.

Security Announcement in Response to OpenSSL Patches

Render is aware of the patches released today for OpenSSL 3.0 (CVE-2022-3602 and CVE-2022-3786). Render services are not affected by these CVEs. This weekend we found that because this only impacts OpenSSL 3.0.X versions, our core services were not affected. Today the OpenSSL team released their update with full details.

In their update, they explained that they have downgraded the 1 ‘critical’ vulnerability to ‘high’ based on the limited ability, in practice, for exploitability. The primary method of exploitation would be for a vulnerable TLS client to connect to a malicious TLS server. Additionally, at least some versions of Linux do not contain the RCE at all. We will continue in our commitment to proper patching and we encourage everyone to do so as well. In this case, we are not affected.

For more information about these patches, refer to BleepingComputer’s article: ”OpenSSL fixes two high severity vulnerabilities, what you need to know

Interested in working with Ed at Render? Check out our open roles!

Ed Ropple

Ed heads up Developer Advocacy here at Render and has a hand in a lot of the user-facing tech that customers interact with. You’ll hear him on Rendering: The Render Podcast and you’ll see him in our YouTube stuff. He tweets too much @edropple, too.

Subscribe to our newsletter for monthly product updates.

Discover More

  1. How BeerMenus Elevated its Craft with a Seamless Move to Render

    Issues with Heroku mounted, so BeerMenus founders migrated to Render. They reduced costs, gained better Support, and adopted game-changing features like Preview Environments....

    - Rosalind Benoit

  2. Render Newsletter Vol. 4 - October 2022

    This periodical for the Render community keeps you up to date on new guides and content, product updates, and developer news....

    - Rosalind Benoit

  3. Shipping Monorepo Support

    Monorepo Support is now generally available for all Render customers. Your feedback has shaped what we've shipped and allowed us to design flexible features to help you define how...

    - Shantanu Joshi