z/VSE service news: openSSL APAR available
Ingolf24 120000DRN3 Visits (7171)
New openSSL PTFs are available. They fix a problem as described in vulnerability CVE-2014-3567. The PTFs affect z/VSE Version 5 only, because openSSL was first delivered with z/VSE 5.1. The APAR is DY47581. It is described here. The corresponding PTFs are UD54071 (z/VSE 5.1) and UD54072 (z/VSE 5.2).
In z/VSE 5.1 openSSL is exploited by the product IPv6/VSE. In zVSE 5.2 there are more exploiters. Therefore I recommend that all IPv6/VSE and z/VSE 5.2 users apply these new PTFs.
The APAR will show up on our secu
Have a good weekend.