Oracle ERP – Blogs

Lets Learn and Share Oracle Technology

«
»

Oracle Products and OpenSSL ‘Heartbleed’

Posted by Kashif Manzoor on April 16th, 2014

Heartbleed leads to ‘heartattack’ 🙂 during earlier this week to all Internet users and companies due to the OpenSSL Security vulnerability. Thought to share Oracle’s take on different Oracle Products depend on OpenSSL, you can go through following docs:

OpenSSL Security Bug-Heartbleed (Doc ID 1645479.1)

And public link of the info provided by Oracle:

http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html

other information to refer

http://heartbleed.com/

https://www.us-cert.gov/ncas/alerts/TA14-098A

http://www.openssl.org/news/secadv_20140407.txt

Update on 18-April-2014:

Oracle has issued Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 by describing as:

The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 was released on April 18th, 2014. This Security Alert addresses CVE-2014-0160 (‘Heartbleed’), a security vulnerability which affects multiple OpenSSL versions implemented by various vendors in their products. This vulnerability also affects multiple Oracle products.
Due to the severity and the reported exploitation of CVE-2014-0160 “in the wild,” Oracle strongly recommends applying the patches as soon as possible.
The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 is the starting point for relevant information. It includes links to other important documents that provide a list of affected products and the patch availability information.
Also, it is essential to review the Security Alert supporting documentation referenced in the Advisory before applying patches, as this is where you can find important information.
The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 is available at the following location: Oracle Technology Network: http://www.oracle.com/technetwork/topics/security/alert-cve-2014-0160-2190703.html
All Oracle Critical Patch Updates and Security Alerts are available at the following location: Oracle Technology Network: http://www.oracle.com/technetwork/topics/security/alerts-086861.html

 

Tags: , ,
This entry was posted on Wednesday, April 16th, 2014 at 3:28 am and is filed under Oracle. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

«
»
 
css.php

WP Facebook Like Send & Open Graph Meta powered by TutsKid.com.