Hi.
OpenSSL recently reported critical/high vulnerability CVE-2022-3602 which is a buffer overrun in v3.x that is fixed in v3.0.7.
Can you confirm that this vulnerability is not present in the OpenSSL supplied with Rocket z/OS Open-Source tools or any other z/OS tool supplied by Rocket?
The "openssl version" command shows OpenSSL at v1.0.2 in Rocket Open-Source tools for z/OS so it would appear that this version is not affected.
Thanks.
Sign up
Already have an account? Login
Welcome to the Rocket Forum!
No account yet? Create an account
Please log in or register:
Employee Login | Registration Member Login | RegistrationEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.
