{"id":436,"date":"2014-04-16T03:28:35","date_gmt":"2014-04-16T08:28:35","guid":{"rendered":"http:\/\/oraerp.com\/blog\/?p=436"},"modified":"2014-05-09T08:19:00","modified_gmt":"2014-05-09T13:19:00","slug":"oracle-openssl-heartbleed","status":"publish","type":"post","link":"http:\/\/oraerp.com\/blog\/oracle-openssl-heartbleed\/","title":{"rendered":"Oracle Products and OpenSSL \u2018Heartbleed\u2019"},"content":{"rendered":"<p>Heartbleed leads to \u2018heartattack\u2019 \ud83d\ude42 during earlier this week to all Internet users and companies due to the OpenSSL Security vulnerability. Thought to share Oracle\u2019s take on different Oracle Products depend on OpenSSL, you can go through following docs:<\/p>\n<p>OpenSSL Security Bug-Heartbleed (Doc ID 1645479.1)<\/p>\n<p>And public link of the info provided by Oracle:<\/p>\n<p><a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/opensslheartbleedcve-2014-0160-2188454.html\">http:\/\/www.oracle.com\/technetwork\/topics\/security\/opensslheartbleedcve-2014-0160-2188454.html<\/a><\/p>\n<p>other information to refer<\/p>\n<p><a href=\"http:\/\/heartbleed.com\/\"><span style=\"text-decoration: underline;\"><span style=\"color: #0066cc;\">http:\/\/heartbleed.com\/<\/span><\/span><\/a><\/p>\n<p><a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-098A\">https:\/\/www.us-cert.gov\/ncas\/alerts\/TA14-098A<\/a><\/p>\n<p><a href=\"http:\/\/www.openssl.org\/news\/secadv_20140407.txt\">http:\/\/www.openssl.org\/news\/secadv_20140407.txt<\/a><\/p>\n<p><strong>Update on 18-April-2014:<\/strong><\/p>\n<p>Oracle has issued Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 by describing as:<\/p>\n<p><em>The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 was released on April 18th, 2014. This Security Alert addresses CVE-2014-0160 (&#8216;Heartbleed&#8217;), a security vulnerability which affects multiple OpenSSL versions implemented by various vendors in their products. This vulnerability also affects multiple Oracle products.<\/em><br \/>\n<em>Due to the severity and the reported exploitation of CVE-2014-0160 &#8220;in the wild,&#8221; Oracle strongly recommends applying the patches as soon as possible.<\/em><br \/>\n<em>The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 is the starting point for relevant information. It includes links to other important documents that provide a list of affected products and the patch availability information.<\/em><br \/>\n<em>Also, it is essential to review the Security Alert supporting documentation referenced in the Advisory before applying patches, as this is where you can find important information.<\/em><br \/>\n<em>The Security Alert for OpenSSL Heartbleed vulnerability CVE-2014-0160 is available at the following location: Oracle Technology Network: <span style=\"color: #1f4f82;\"><span style=\"text-decoration: underline;\"><a href=\"https:\/\/gcmprm.oracle.com\/ctd\/lu?RID=3-4KKFD0J&amp;CON=3-21A41-1436&amp;PRO=&amp;AID=&amp;OID=3-4KK43LE&amp;CID=3-4KK43KR&amp;COID=3-4KK43LB&amp;T=http%3a%2f%2fwww.oracle.com%2ftechnetwork%2ftopics%2fsecurity%2falert-cve-2014-0160-2190703.html&amp;Z=e14b6665ff07a635cf77be1305d3a&amp;TN=%26lt%3bfont+color%3d%22%231f4f82%22%26gt%3b%26lt%3bu%26gt%3bhttp%3a%2f%2fwww.oracle.com%2ftechnetwork%2ftopics%2fsecurity%2falert-cve-2014-0160-2190703.html%26lt%3b%2fu%26gt%3b%26lt%3b%2ffont%26gt%3b&amp;RT=Clicked+On+URL\"><span style=\"color: #1f4f82;\"><span style=\"text-decoration: underline;\">http:\/\/www.oracle.com\/technetwork\/topics\/security\/alert-cve-2014-0160-2190703.html<\/span><\/span><\/a><\/span><\/span><\/em><br \/>\n<em>All Oracle Critical Patch Updates and Security Alerts are available at the following location: Oracle Technology Network: <span style=\"color: #1f4f82;\"><span style=\"text-decoration: underline;\"><a href=\"https:\/\/gcmprm.oracle.com\/ctd\/lu?RID=3-4KKFD0J&amp;CON=3-21A41-1436&amp;PRO=&amp;AID=&amp;OID=3-4KK43LE&amp;CID=3-4KK43KR&amp;COID=3-4KK43LB&amp;T=http%3a%2f%2fwww.oracle.com%2ftechnetwork%2ftopics%2fsecurity%2falerts-086861.html&amp;Z=635024b06ca73e069e81921a2bd17e3&amp;TN=%26lt%3bfont+color%3d%22%231f4f82%22%26gt%3b%26lt%3bu%26gt%3bhttp%3a%2f%2fwww.oracle.com%2ftechnetwork%2ftopics%2fsecurity%2falerts-086861.html%26lt%3b%2fu%26gt%3b%26lt%3b%2ffont%26gt%3b&amp;RT=Clicked+On+URL\"><span style=\"color: #1f4f82;\"><span style=\"text-decoration: underline;\">http:\/\/www.oracle.com\/technetwork\/topics\/security\/alerts-086861.html<\/span><\/span><\/a><\/span><\/span><\/em><\/p>\n<p>&nbsp;<\/p>\n<div id=\"fb-root\"><\/div><script src=\"http:\/\/connect.facebook.net\/en_US\/all.js#xfbml=1\"><\/script><fb:like href=\"http:\/\/oraerp.com\/blog\/oracle-openssl-heartbleed\/\" send=\"true\" layout=\"standard\" width=\"450\" show_faces=\"true\" font=\"arial\" action=\"like\" colorscheme=\"light\"><\/fb:like>","protected":false},"excerpt":{"rendered":"<p>Heartbleed leads to \u2018heartattack\u2019 \ud83d\ude42 during earlier this week to all Internet users and companies due to the OpenSSL Security vulnerability. Thought to share Oracle\u2019s take on different Oracle Products depend on OpenSSL, you can go through following docs: OpenSSL Security Bug-Heartbleed (Doc ID 1645479.1) And public link of the info provided by Oracle: http:\/\/www.oracle.com\/technetwork\/topics\/security\/opensslheartbleedcve-2014-0160-2188454.html [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[88],"tags":[70,71,17],"class_list":["post-436","post","type-post","status-publish","format-standard","hentry","category-oracle","tag-heartbleed","tag-openssl","tag-oracle"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1Rb79-72","jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"_links":{"self":[{"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/posts\/436","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/comments?post=436"}],"version-history":[{"count":6,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/posts\/436\/revisions"}],"predecessor-version":[{"id":448,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/posts\/436\/revisions\/448"}],"wp:attachment":[{"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/media?parent=436"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/categories?post=436"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/oraerp.com\/blog\/wp-json\/wp\/v2\/tags?post=436"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}