Bug 44330


GemStone/S 64 Bit

3.2,,,,,,, 3.1, 3.0.1, 3.0


OpenSSL security advisory for 1.0.1g on June 5, 2014

The OpenSSL cryptographic library, used by GemStone for RPC session logins (client-to-gem connections), has a security advisory for version 1.0.1g and earlier.

More information can be found at https://www.openssl.org/news/secadv/20140605.txt


This bug has been fixed in OpenSSL version 1.0.1h, and this is included in GemStone/S 64 Bit version 3.2.1.  We recommend all customers upgrade to version 3.2.1 or later.

GemStone uses OpenSSL as a shared library which can be replaced with minimal disruption; if you believe this bug is a significant risk, contact GemTalk Technical support for the GemTalk OpenSSL libraries for your platform.

Last updated: 8/31/15