Abstract
IBM WebSphere Application Server and IBM HTTP Server are not vulnerable to CVE-2014-0160 Heartbleed vulnerability
Content
CVE-2014-0160 - Heartbleed Vulnerability
This vulnerability does NOT affect the SSL that is used by IBM WebSphere Application Server in all editions and all platforms. The IBM Java JSSE does not use OpenSSL.
This vulnerability does NOT affect the IBM HTTP Server component in all editions and all platforms. The GSKit component of IBM HTTP Server does not use OpenSSL SSL code.
Remediation: No action required.
Change History: 09 April 2014: original document published
IBM WebSphere Application Server and IBM HTTP Server are not vulnerable to CVE-2014-0160 Heartbleed vulnerability
Content
CVE-2014-0160 - Heartbleed Vulnerability
This vulnerability does NOT affect the SSL that is used by IBM WebSphere Application Server in all editions and all platforms. The IBM Java JSSE does not use OpenSSL.
This vulnerability does NOT affect the IBM HTTP Server component in all editions and all platforms. The GSKit component of IBM HTTP Server does not use OpenSSL SSL code.
Remediation: No action required.
Change History: 09 April 2014: original document published
However, please do NOT take my blog's word for this, as this is vitally important information. Please see the original article here: -
I would also strongly encourage you to actively monitor these pages: -
and, if needed, talk with your local IBM Support contacts, Accelerated Value Programme specialist, or IBM Software Services for WebSphere etc.
No comments:
Post a Comment