Bug 44531

GemStone/S 64 Bit

3.2.1, 3.2, 3.1.0.6, 3.1.0.5, 3.1.0.4, 3.1.0.3, 3.1.0.2, 3.1.0.1, 3.1, 3.0.1, 3.0

All

3.2.2

OpenSSL security advisory for 1.0.1h on August 6, 2014

The OpenSSL cryptographic library, used by GemStone for RPC session logins (client-to-gem connections), has a security advisory for version 1.0.1h and earlier.

More information can be found at www.openssl.org/news/secadv/20140806.txt

Workaround

This bug has been fixed in OpenSSL version 1.0.1i.  GemStone uses OpenSSL as a shared library which can be replaced with minimal disruption; if you believe this bug is a significant risk, contact GemTalk Technical support for the GemTalk OpenSSL libraries for your platform.


Last updated: 8/31/15