Security Info - OpenSSL Heartbleed - 4D v13/v14 NOT
David Ringsmuth (4/9/14 10:53AM)
Dave Gradwell (4/9/14 4:44PM)
Pascal Geuns (4/9/14 8:26PM)
David Ringsmuth (4/9/14 10:53 AM)
vulnerable
Dave,
Thanks!
David
-----Original Message-----
From: 4d_tech-bounces@...
[mailto:4d_tech-bounces@... On
Behalf Of Dave Gradwell
Sent: Wednesday, April 09, 2014 10:44 AM
vulnerable
Hi David,
I found this:
http://kb.4d.com/search/assetid=76175
Which says:
"""
The version of libeay32.dll and ssleay32.dll included with 4D v11 SQL
Release 7 (11.7) is 0.9.8.2 which translates to OpenSSL v0.9.8b.
The version of libeay32.dll and ssleay32.dll included with 4D v12 is
0.9.8.10 which translates to OpenSSL v0.9.8j.
"""
http://heartbleed.com/ says:
"""
OpenSSL 0.9.8 branch is NOT vulnerable
"""
Yours,
Dave.
Dave Gradwell (4/9/14 4:44 PM)
vulnerable
Hi David,
I found this:
http://kb.4d.com/search/assetid=76175
Which says:
"""
The version of libeay32.dll and ssleay32.dll included with 4D v11 SQL
Release 7 (11.7) is 0.9.8.2 which translates to OpenSSL v0.9.8b.
The version of libeay32.dll and ssleay32.dll included with 4D v12 is
0.9.8.10 which translates to OpenSSL v0.9.8j.
"""
http://heartbleed.com/ says:
"""
OpenSSL 0.9.8 branch is NOT vulnerable
"""
Yours,
Dave.
On 9 Apr 2014, at 16:37, David Ringsmuth wrote:
color><param>00000,0000,DDEE/param>TThomas
What about 4D v12.5+
Does this version of 4D have the OpenSSL vulnerability? It is still
supported by 4D until May.
Thanks!
David
/color>
Pascal Geuns (4/9/14 8:26 PM)
vulnerable
We have just released an SSL Test Tool which you can use to check your
SSL setup and see if your server is vulnerable to the heartbleed bug:
http://www.qualityssl.com/en/support/ssl-server-test.lasso
Kind Regards
Pascal Geuns
QualitySSL
Meet me on LinkedIn
http://www.linkedin.com/in/pascalgeuns
------------------------------------------------------------------------
QualitySSL Certificates for your 4D Server, visit
http://www.qualityssl.com/
Reply to this message
Summary created 4/9/14 at 4:39PM by Intellex Corporation
Comments welcome at: feedback@intellexcorp.com