openssl 1.0.0c vulnerability

book

Article ID: 34918

calendar_today

Updated On:

Products

DX Infrastructure Management NIMSOFT PROBES

Issue/Introduction

Problem:

There is a vulnerability in OpenSSL found from robot version 5.90 through robot 7.61. The vulnerability is listed under CVE-2014-0224. Per the hub probe utility in hub v7.61, we are using OpenSSL1.0.0.c.
 

Environment:

Robot versions 5.90 through 7.61
OpenSSL1.0.0.c
 

Cause:

OpenSSL vulnerability. CVE-2014-0224
 

Resolution:

The current plan is to have the 8.x components all based on OpenSSL 1.0.0M.
 

Additional Information:

More information on this OpenSSL vulnerability can be found here:
http://www.openssl.org/news/secadv_20140605.txt
 

Environment

Release:
Component: UIMHUB