OpenSSL Multiple Vulnerabilities - Verastream Host Integrator

Document ID:7022768
Creation Date:22-Mar-2018
Modified Date:09-May-2018
- Micro Focus Products:
  Verastream Host Integrator (VHI)

Environment

Verastream Host Integrator

Situation

Multiple security issues have been addressed in OpenSSL libraries used by Verastream Host Integrator (VHI). We recommend that you update your installed product.

Resolution

Maintained customers can obtain the latest release from the Downloads website.

March 2018: Beginning in VHI 7.7 SP1 (version 7.7.1031 or 7.7.1.1031), OpenSSL 1.0.2n modules are included to address 58 OpenSSL issues, some which may affect VHI.
April 2015: Beginning in VHI 7.7 Hotfix 2 (verison 7.7.30), updated modules are included to address 11 OpenSSL 19-Mar-2015 vulnerabilities, some of which may affect VHI.
June 2014: Beginning in VHI 7.6, CVE-2014-0224 is resolved (see also KB 7021300).
April 2014: Beginning in VHI 7.6 Hotfix 3 (version 7.6.49), "Heartbleed" CVE-2014-0160 is resolved (see also KB 7021300).
March 2014: Beginning in VHI 7.6 Hotfix 2 (version 7.6.47), CVE-2013-4353 and CVE-2013-6449 are resolved (see also KB 7021300).

Status

Security Alert

Additional Information

https://www.openssl.org/news/vulnerabilities-1.0.2.html