Heartbleed openssl vulnerability and GroupWise, GroupWise Messenger, GroupWise Mobility

  • 7014879
  • 09-Apr-2014
  • 09-Apr-2014


Novell Data Synchronizer Connector for Mobility
Novell GroupWise
Novell GroupWise Mobility Service
Novell Messenger
Novell Open Enterprise Server 11 (OES 11) Linux
SUSE Linux Enterprise Server 11


Are GroupWise, GroupWise Messenger, and GroupWise Mobility susceptible to the openssl heartbleed vulnerability reported in CVE-2014-0160?

According to www.openssl.org the following OpenSSL versions are vulnerable:

    OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable

    OpenSSL 1.0.2-beta releases, including 1.0.2-beta1 are vulnerable

 The following are not vulnerable:

    OpenSSL 1.0.1g branch is NOT vulnerable

    OpenSSL 0.9.8 branch is NOT vulnerable


The GroupWise products do not push down their own Openssl libraries, but use the OS based ones. With the GroupWise products running on SLES 11, the GroupWise products use the 0.98 branch and are therefore not susceptible.

To check the version of Openssl on your server, open a terminal window and type:  openssl version

Additional Information