From 833654d0ffbdec26634224e3c3fa7efc65b0b43c Mon Sep 17 00:00:00 2001
From: Victor Hu <whowutwut@gmail.com>
Date: Tue, 7 Mar 2017 09:40:40 -0500
Subject: [PATCH] Add security bulleting for 02/16/17 openssl advisory

---
 .../source/security/2017/20170216_openssl.rst | 25 +++++++++++++++++++
 docs/source/security/2017/index.rst           |  1 +
 2 files changed, 26 insertions(+)
 create mode 100644 docs/source/security/2017/20170216_openssl.rst

diff --git a/docs/source/security/2017/20170216_openssl.rst b/docs/source/security/2017/20170216_openssl.rst
new file mode 100644
index 000000000..9f430f713
--- /dev/null
+++ b/docs/source/security/2017/20170216_openssl.rst
@@ -0,0 +1,25 @@
+2017-02-16 - OpenSSL Vulnerabilities
+====================================
+
+*Feb 16, 2017*, OpenSSL announced the following security advisories: https://www.openssl.org/news/secadv/20170216.txt 
+
+
+Advisory CVEs
+-------------
+
+* CVE-2017-3733 - **Encrypt-Then-Mac renegotiation crash** (Severity:High) 
+
+  OpenSSL 1.1.0 users should upgrade to 1.1.0e
+
+  This issue does not affect OpenSSL version 1.0.2.
+
+Please see the security bulletin above for patch, upgrade, or suggested work around information.
+
+Action
+------
+
+xCAT uses OpenSSL for client-server communication but **does not** ship it.  
+
+It is highly recommended to keep your OpenSSL levels up-to-date with the indicated versions in the security bulletins to prevent any potential security threats. Obtain the updated software packages from your Operating system distribution channels. 
+
+
diff --git a/docs/source/security/2017/index.rst b/docs/source/security/2017/index.rst
index 7c5b764ff..588d8c30e 100644
--- a/docs/source/security/2017/index.rst
+++ b/docs/source/security/2017/index.rst
@@ -4,4 +4,5 @@
 .. toctree::
    :maxdepth: 1
 
+   20170216_openssl.rst
    20170126_openssl.rst