HPE Storage Users Group https://3parug.com/ |
|
3par Heartbleed patch release https://3parug.com/viewtopic.php?f=18&t=715 |
Page 1 of 1 |
Author: | Josh26 [ Tue May 13, 2014 11:09 pm ] |
Post subject: | 3par Heartbleed patch release |
Hey guys, For anyone not on Bugtraq - it's worth getting this applied. https://h20564.www2.hp.com/portal/site/ ... -c04261644 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04261644 Version: 3 HPSBST03015 rev.3 - HP 3PAR OS running OpenSSL, Remote Disclosure of Information NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2014-04-22 Last Updated: 2014-05-09 Potential Security Impact: Remote disclosure of information Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP 3PAR OS running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. References: CVE-2014-0160, SSRT101526 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP 3PAR OS 3.1.2 and subsequent BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-0160 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has released patches to address this vulnerability for the impacted software versions of 3PAR OS. NOTE: No patch will be available for HP 3PAR OS 3.1.2 GA. HP recommends that customers with arrays running HP 3PAR OS 3.1.2 GA should upgrade to the latest available MU or HP 3PAR OS 3.1.3 P01. HP 3PAR OS Version Available patch HP 3PAR OS 3.1.3 P01 HP 3PAR OS 3.1.2 MU1, MU2, and MU3 P39 |
Author: | Cleanur [ Wed May 14, 2014 8:29 am ] |
Post subject: | Re: 3par Heartbleed patch release |
BTW you can sign up for alerts here https://h41183.www4.hp.com/alerts-signu ... nguage=ESA |
Page 1 of 1 | All times are UTC - 5 hours |
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/ |