Both are not affected by Heartbleed security flaw.
Oracle Solaris 10 Sparc is not vulnerable to the SSL Heartbleed vulnerability.The latest patched default OpenSSL library in Solaris 10 is version 0.9.7d, which is not affected by the vulnerability. The Heartbleed vulnerability only affects OpenSSL version 1.0.1 to 1.0.1f.
Official response from Oracle Support with regard to Oracle Directory Server Enterprise Edition below:
ODSEE do not use OpenSSL. ODSEE uses NSS for the SSL libraries. You may want to refer to this link for more understanding on the topic: ODSEE 11.1.1.7.0 Administration Guide: http://docs.oracle.com/cd/E29127_01/doc.111170/e28972/ds-security.htm#bcaul
.
No comments:
Post a Comment