‫ Oracle identifies products affected by Heartbleed, but work remains on fixes

Number:IRCNE2014042168
Date: 2014-04-20

According to “zdnet”, Oracle issued a comprehensive list of its software that may or may not be affected by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.

The list includes well over 100 products that appear to be in the clear, either because they never used the version of OpenSSL reported to be vulnerable to Heartbleed, or because they don't use OpenSSL at all.

However, Oracle is still investigating whether another roughly 20 products, including MySQL Connector/C++, Oracle SOA Suite and Nimbula Director, are vulnerable.

Oracle determined that seven products are vulnerable and is offering fixes. These include Communications Operation Monitor, MySQL Enterprise Monitor, MySQL Enterprise Server 5.6, Oracle Communications Session Monitor, Oracle Linux 6, Oracle Mobile Security Suite and some Solaris 11.2 implementations.

Another 14 products are likely to be vulnerable, but Oracle doesn't have fixes for them yet, according to the post. These include BlueKai, Java ME and MySQL Workbench.

Related Links:

VMWare releases first Heartbleed patch

Server makers rush their Heartbleed patches

First sites admit data loss through Heartbleed attacks

Heartbleed bug can expose private server encryption keys

BlackBerry to release Heartbleed fixes for BBM Messenger, Secure Work Space

Lagging Android devices vulnerable to Heartbleed

Apple's iOS, OS X don't have Heartbleed bug but BBM for iOS and Android do

Cisco, Juniper products affected by Heartbleed

'Heartbleed' bug in OpenSSL puts encrypted communications at risk



نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 31 فروردین 1393

دسته‌ها

امتیاز

امتیاز شما
تعداد امتیازها:0