Monday, April 14, 2014

Solaris 10 OS and Oracle Directory Server Enterprise Edition not affected by Heartbleed

We support Solaris 10 OS and Oracle Directory Server Enterprise Edition for a big customer here in Singapore. 

Both are not affected by Heartbleed security flaw.

Oracle Solaris 10 Sparc is not vulnerable to the SSL Heartbleed vulnerability.The latest patched default OpenSSL library in Solaris 10 is version 0.9.7d, which is not affected by the vulnerability. The Heartbleed vulnerability only affects OpenSSL version 1.0.1 to 1.0.1f.

Official response from Oracle Support with regard to Oracle Directory Server Enterprise Edition below:

ODSEE do not use OpenSSL. ODSEE uses NSS for the SSL libraries. You may want to refer to this link for more understanding on the topic: ODSEE Administration Guide:


No comments:

Post a Comment