Knowledgebase
Heartbleed bug discovered in OpenSSL
Posted by Christopher Flores on 13 August 2014 08:54 AM

Description of issue

A vulnerability has been discovered in the popular OpenSSL cryptographic software library which has been dubbed as the Heartbleed Bug.

The heartbleed bug was introduced in OpenSSL 1.0.1 and is present in the following versions of OpenSSL

    1.0.1
    1.0.1a
    1.0.1b
    1.0.1c
    1.0.1d
    1.0.1e
    1.0.1f

Description/Fix

From a 2X Perspective, OpenSSL 1.0.1c is used within 2X Remote Application Server  solution.

As a result, an update is expected in the coming days which is expected to include the latest version of OpenSSL that does not suffer from this issue, effectively addressing this vulnerability.

At the time of writing, the following versions of 2X Remote Application Server are expected to patched and/or updated accordingly:

   10.6
   11.0
   11.1 (beta)

More information on this vulnerability can be found here.

UPDATE

This issue has been addressed in build 1558 for v10.6 installations and build 1933 for v11 installations.

Please apply the update based on the version you have installed.

All newer releases following the builds outlined above will include this fix.

(4 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: