Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Question & Answers on OpenSSL Heartbleed Issue and Cisco VDS-TC

Question:
What version of OpenSSL does VDS-TC 5.0 and 5.1 run, is it affected by the heartbleed vulnerability bug?

 

Answer:
VDS-TC 5.0 and 5.1 releases is running with OpenSSL 0.9.8 branch which according to http://heartbleed.com/ is not vulnerable.

Below please find some more details about the OpenSLL versions:
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable

The known bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012.
OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.

Version history
Revision #:
1 of 1
Last update:
‎05-11-2014 05:19 PM
Updated by:
 
Labels (1)
Everyone's tags (3)