KB Article #176753

8 JAN 2015 OpenSSL Security Advisory Effects on Validation Authority, Desktop Validator & Server Validator

Problem

-- An IAVA was issued regarding the 8 JAN 2015 OpenSSL advisory and you need to know whether or not your version of VA, SV or DV is affected.

Resolution


* The 8 JAN 2015 advisory listed 8 CVEs:  CVE-2014-3571, CVE-2015-0206, CVE-2014-3569, CVE-2014-3572, CVE-2015-0204, CVE-2015-0205, CVE-2014-8275 and CVE-2014-3570.  Of these, we believe that all three products are impacted by the low-severity issues CVE-2014-3572 and CVE-2015-0204.  Additionally, VA server is believed to be impacted by two more low-severity issues: CVE-2015-0205 and CVE-2014-3570.


We will release service packs containing updated versions of OpenSSL to address this issue.

Still need help?

If this information wasn't helpful to you, just drop us a line. We'll get back to you as soon as possible.