OpenSSL Security Advisory CVE-2014-0224
- Product: Aleph
- Product Version: 20, 21, 22, 23
- Relevant for Installation Type: Dedicated-Direct, Direct, Local, Total Care
Problem Symptoms:
Are Ex Libris products affected by OpenSSL Security Advisory CVE-2014-0224?
See http://www.openssl.org/news/secadv_20140605.txt
Cause:
Defect in OpenSSL version 0.9.8
Resolution:
Upgrade the OpenSSL:
OpenSSL 0.9.8 SSL/TLS users (client and/or server) should upgrade to 0.9.8za.
Additional Information
Update on 19 June 2014:
You can now download OpenSSL version 0.9.8za from our ftp servers using
UTIL SP 6. Download 3rd party products update
More information about how to upgrade the third-party products can be found in the following documents:
(1)
Aleph:
Chapter 9 "Downloading and installing third-party product updates " of the document "The Aleph Service Pack Mechanism Version 22"
(2)
Primo:
Section "Installing Third-Party Product Updates" of the document "Primo Service Pack Installation Guide Version 4.x".
- Article last edited: 6-Jun-2016