Environment
Novell GroupWise 6.5
Novell GroupWise 7
Novell GroupWise 8
Novell GroupWise 2012
Novell GroupWise 2014
Situation
Novell GroupWise includes an entitlement to SLES and it is SLES that is affected by the GNU Bash Remote Code Execution vulnerability(also known as ShellShock or Bash Bug) and the Mozilla Network Security Services (NSS) vulnerability.
Any installation of Novell GroupWise running on OES or SLES may be affected as detailed in the following Common Vulnerabilities and Exposures (CVE) identifiers:
Further information regarding these security issues can be found here:
- https://support.novell.com/security/cve/CVE-2014-6271.html
- https://support.novell.com/security/cve/CVE-2014-6277.html
- https://support.novell.com/security/cve/CVE-2014-6278.html
- https://support.novell.com/security/cve/CVE-2014-7169.html
- https://support.novell.com/security/cve/CVE-2014-7186.html
- https://support.novell.com/security/cve/CVE-2014-7187.html
Resolution
All updates and patches are available through the SLES support channel. Current status regarding these vulnerabilities are published here:
https://support.microfocus.com/kb/doc.php?id=7015702
https://support.microfocus.com/kb/doc.php?id=7015702
Additional Information
This vulnerability does not effect any GroupWise components running on a Windows Operating System.