Bug ID CSCuo26378 says EX/C/SX OpenSSL vulnerability are fixed in TC5.1.11, TC6.3.1 or TC7.1.1.
But TC5.1.11 is not released yet(as of 04/25/2014).
Does anybody know when TC5.1.11 will be released?
Did you try to contact TAC about it? Thats what I would try to do.
Besides that I would use TC6.3.1 or TC7.1.1 instead of TC5 if possible.
Please remember to rate helpful responses and identify
you can get a release key a couple if ways
if you have a valid service contract you can get one from www.cisco.com/go/licence
otherwise, you can request one through the TAC.
Given that it was only mentioned as being a "fixed" version in the Heartbleed security advisory, but wasn't made available along with TC6.3.1 and TC7.1.1, I wouldn't expect it to be readily available.
If you really need it - try contacting the TAC to request it.
The better option would be to upgrade to one of the newer releases, especially since anything pre-TC6.1 is vulnerable to a SIP DoS condition (Cisco-SA-20130619-TPC).
Please remember to rate responses and to mark your question as answered if appropriate.
Thank you all and sorry to reply late.
We have about one week vacation on May in Japan.
Now I found TC5.1.11 at Cisco download site.
By the way, in case of using self-signed certificates, after upgrading to TC5.1.11, TC6.3.1 or TC7.1.1, should we perform backup and factory reset to generate a new certificate? (Because certificates used on codec might have been exposed)
And after factory reset, will the new certificate survive even if we restore the configuration?
Yes that is correct, you need to factory reset the system after upgrade to generate a new certificate. You can restore the backup and this will not affect the new certificate.
Thank you Magnus,
Let me ask one more question.
From TC7, root account is permanently disabled.
That means we can not use SCP anymore to backup and restore favorites.
So how should we backup and restore favorites (local contact) on TC7?
I am feeling dizzy if I have to add favorites for many codecs after factory reset
TC5.1.11 has finally been released. Note from TAC:
I am glad to inform you that TC 5.1.11 has now been released, and it is available for you to download.
This is the download link: