z/VSE service news: openSSL APAR available
Ingolf24 120000DRN3 Visits (1991)
New openSSL PTFs are available. They fix a problem as described in vulnerability CVE-2014-3509 and CVE-2014-3511. The PTFs affect z/VSE Version 5 only, because openSSL was first delivered with z/VSE 5.1.
The APAR is DY47561. It is described here. The corresponding PTFs are UD54053 (z/VSE 5.1) and UD54054 (z/VSE 5.2).
In z/VSE 5.1 openSSL is exploited by the product IPv6/VSE. In zVSE 5.2 there are more exploiters. Therefore I recommend that all IPv6/VSE and z/VSE 5.2 users apply these new PTFs.
The APAR will show up on our sec
Greetings from France. We have a nice weather, blue sky and 23 C (74 F). Next blog entry Sept. 12