ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

OpenSSL version to 1.0.2zd Vulnerability on Access Gateway

book

Article ID: 238112

calendar_today

Updated On:

Products

CA Single Sign On Agents (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

Siteminder Access Gateway includes OpenSSL 1.0.2Zd with the installation.  The following is a list of OpenSSL versions by Siteminder Access Gateway version:

r12.8.5: OpenSSL 1.0.2zd

r12.8.6 : OpenSSL 1.0.2zd

Each of these versions of OpenSSL has published vulnerabilities with published version to remediate those vulnerabilities.

https://www.openssl.org/news/vulnerabilities-1.0.2.html

Environment

Release : 12.8.x

Component : SITEMINDER Access Gateway Server.

Resolution

OpenSSL 1.0.2za was released in Broadcom defect DE531378

Attached to this KB is OpenSSL 1.0.2zd for Access Gateway on Linux and Windows.  This is a standalone upgrade of OpenSSL that is supported on any supported version of Siteminder Access Gateway.  While the OpenSSL upgrade package is specific to Windows or Unix OS, it is applicable to all versions of either Windows or Linux.  

 

Additional Information

Steps to Port Common for both 12.8.05 and 12.8.06

--------------------------------------------------------------------- 

Please follow the steps to change the OpenSSL version to 1.0.2zd

1. Stop the SPS
2. Take the back of original files.
3. Copy the openssl.exe and *.dll files to secure-proxy/SSL/bin
4. Copy the openssl.exe and *.dll files to secure-proxy/httpd/bin
5. Start the SPS.

 

Attachments

openssl1.0.2zd_linux64bit_1648593432539.zip get_app
openssl102zd_win64_12805_1648593418727.zip get_app
1648593398249__openssl1.0.2zd_linux64bit.zip get_app
openssl102zd_win64_12806_1648593363189.zip get_app