This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Revenera Community
- :
- FlexNet Embedded
- :
- FlexNet Embedded Knowledge Base
- :
- What Version of OpenSSL is part of your latest release of FlexNet Embedded?
Subscribe
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
What Version of OpenSSL is part of your latest release of FlexNet Embedded?
What Version of OpenSSL is part of your latest release of FlexNet Embedded?
Summary
What Version of OpenSSL is part of your latest release of FlexNet Embedded?Question
What Version of OpenSSL is part of your latest release of FlexNet Embedded?Answer
This is covered in the disclosure documentation included with each release under the Product and License Center.For example, the version of OpenSSL used in FNE 2014 R2 (2014.09) is 1.0.1h. FNE 2017 R1 is on 1.0.2j.
Additional Information
In February, 2017, OpenSSL released security patch "OpenSSL version 1.1.0e"https://www.us-cert.gov/ncas/current-activity/2017/02/16/OpenSSL-Releases-Security-Update
However, please note that 1.0.2 is not effected by this issue, as seen below.
OpenSSL Security Advisory [16 Feb 2017]
========================================
Encrypt-Then-Mac renegotiation crash (CVE-2017-3733)
====================================================
Severity: High
During a renegotiation handshake if the Encrypt-Then-Mac extension is
negotiated where it was not in the original handshake (or vice-versa) then this
can cause OpenSSL to crash (dependent on ciphersuite). Both clients and servers
are affected.
OpenSSL 1.1.0 users should upgrade to 1.1.0e
This issue does not affect OpenSSL version 1.0.2.
No ratings