How can I check if the OpenSSL version shipped with Artix is affected by the vulnerability caused by the Heartbleed bug?

Dominique Sacre · 2014-04-11T14:57:00+00:00

Summary This article clarifies how to check the version of OpenSSL shipped with Artix. Environment Artix 5.* All Supported Operating Systems Question/Problem Description How can I check if the OpenSSL version shipped with Artix is affected by the vulnerability caused by the Heartbleed bug? Clarifying Information The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library which is also shipped with Artix. CVE-2014-0160 is the official reference to this bug. The following is the status of different OpenSSL versions: OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable OpenSSL 1.0.1g is NOT vulnerable OpenSSL 1.0.0 branch is NOT vulnerable OpenSSL 0.9.8 branch is NOT vulnerable Error Message Defect/Enhancement Number Cause https://www.openssl.org/news/secadv_20140407.txt Resolution In order to check the version of OpenSSL included in your Artix product run the following command: openssl version Workaround Notes We are treating this vulnerability at the highest priority and have already commenced work to resolve. As soon as we have identified a fix date for our any of our affected products, we will make that available. Please contact Micro Focus SupportLine and open a support incident if further clarification is required. Attachment #Orbix#KnowledgeDocs

Summary	This article clarifies how to check the version of OpenSSL shipped with Artix.
Environment	Artix 5.* All Supported Operating Systems
Question/Problem Description	How can I check if the OpenSSL version shipped with Artix is affected by the vulnerability caused by the Heartbleed bug?
Clarifying Information	The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library which is also shipped with Artix. CVE-2014-0160 is the official reference to this bug. The following is the status of different OpenSSL versions: OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable OpenSSL 1.0.1g is NOT vulnerable OpenSSL 1.0.0 branch is NOT vulnerable OpenSSL 0.9.8 branch is NOT vulnerable
Error Message
Defect/Enhancement Number
Cause	https://www.openssl.org/news/secadv_20140407.txt
Resolution	In order to check the version of OpenSSL included in your Artix product run the following command: openssl version
Workaround
Notes	We are treating this vulnerability at the highest priority and have already commenced work to resolve. As soon as we have identified a fix date for our any of our affected products, we will make that available. Please contact Micro Focus SupportLine and open a support incident if further clarification is required.
Attachment

#Orbix
#KnowledgeDocs

Sign up

Please log in or register:

Welcome to the Rocket Forum!

Please log in or register:

Scanning file for viruses.

This file cannot be downloaded