OpenSSL security advisory for 1.0.1g on June 5, 2014
The OpenSSL cryptographic library, used by GemStone for RPC session logins (client-to-gem connections), has a security advisory for version 1.0.1g and earlier.
More information can be found at https://www.openssl.org/news/secadv/20140605.txt
Workaround
This bug has been fixed in OpenSSL version 1.0.1h, and this is included in GemStone/S 64 Bit version 3.2.1. We recommend all customers upgrade to version 3.2.1 or later.
GemStone uses OpenSSL as a shared library which can be replaced with minimal disruption; if you believe this bug is a significant risk, contact GemTalk Technical support for the GemTalk OpenSSL libraries for your platform.
Last updated: 8/31/15