- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 05-11-2014 05:19 PM
Question:
What version of OpenSSL does VDS-TC 5.0 and 5.1 run, is it affected by the heartbleed vulnerability bug?
Answer:
VDS-TC 5.0 and 5.1 releases is running with OpenSSL 0.9.8 branch which according to http://heartbleed.com/ is not vulnerable.
Below please find some more details about the OpenSLL versions:
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable
The known bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012.
OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.