cancel
Showing results for 
Search instead for 
Did you mean: 

heartbleed OpenSSL vulnerability

heartbleed OpenSSL vulnerability

Andy_M
New Contributor
Does anyone have any information on whether or not and which Enterasys or Extreme products are affected by this vulnerability?
9 REPLIES 9

Paul_Poyant
New Contributor III
See also, in the FAQ section of this forum:
16131, "Extreme Networks Response to US-CERT Vulnerability Advisory VU#720951" (http://bit.ly/1n6cUcI).

Sumit_Tokle
Contributor
http://esupport.extremenetworks.com/

you can find the office response on above website.

Tamera_Rousseau
New Contributor
We will be posting an official response to the Heartbleed OpenSSL vulnerability shortly. Please stay tuned!

James_A
Valued Contributor
I ran
code:
apt-get update
,
code:
apt-get install libssl1.0.0
on my 64-bit NAC appliances, and
code:
lsof -nnP|grep libssl
shows the following processes that need to be restarted:
whoopsie 1015 whoopsie DEL REG 252,0 1044566 /lib/x86_64-linux-gnu/libssl.so.1.0.0
radiusd 4019 root DEL REG 252,0 1044566 /lib/x86_64-linux-gnu/libssl.so.1.0.0
postgres 6819 postgres DEL REG 252,0 1044566 /lib/x86_64-linux-gnu/libssl.so.1.0.0
squid 29654 nobody DEL REG 252,0 1044566 /lib/x86_64-linux-gnu/libssl.so.1.0.0
postgres 29795 postgres DEL REG 252,0 1044566 /lib/x86_64-linux-gnu/libssl.so.1.0.0


On the 64-bit Netsight appliance only whoopsie (whatever that is - some sort of crash handler?) uses libssl. Also on the NAC appliances I couldn't upgrade the actual
code:
openssl
package due to a file conflict on
code:
/etc/ssl/openssl.cnf
with the
code:
tag
package.
GTM-P2G8KFN