devan05

DataMinder and the OpenSSL Heartbleed vulnerability

Discussion created by devan05 Employee on May 13, 2014
Latest reply on Jun 6, 2014 by Beeks

As previously advised in the thread "Investigating publicly disclosed OpenSSL Heartbleed vulnerability"

https://communities.ca.com/web/ca-identity-and-access-mgmt-distributed-global-user-community/message-board/-/message_boards/message/113004771?&#p_19

DataMinder does not use an affected version of the OpenSSL cryptographic libraries but has taken the preemptive decision to update the OpenSSL version to the 1.0.1g which does not have the vulnerability.

This is packaged via FIX:RO69805 (incorporating  Client_x64_14.5_HF039 and Client_14.5_HF038) which is available to download from the CA Support Portal (<http://support.ca.com>) or via the direct url below:

<https://support.ca.com/irj/portal/solncdndtls?aparNo=RO69805&os=WINDOWS&fc=3&actionID=3>

Outcomes