Environment
Novell SecureLogin
NetIQ SecureLogin
NSL6.x
NSL7.x
NSL8.x
Situation
Could SecureLogin be affected by the heartbleed bug?
Is SecureLogin susceptible to the openssl heartbleed vulnerability reported in CVE-2014-0160?
Resolution
No. SecureLogin uses OpenSSL version 0.98 and is therefore not susceptible to the heartbleed vulnerability.
Additional Information
From http://heartbleed.com status of different openssl versions:
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable