Message Image

Skip main navigation (Press Enter).

Data360 DQ+

View Only

Back to discussions

Expand all | Collapse all

Vulnerable openssl package in Load Balancer container

Josh Hittle05-28-2021 13:19

Our security scanning product identified a vulnerable package, openssl-1.1.1d, in the Load Balancer container. ...

Gerard Cafaro06-02-2021 13:53

The next DQ+ release (6.2) also has openssl-1.1.1d within the Load Balancer container. I created an ...

1. Vulnerable openssl package in Load Balancer container

0 Like
Josh Hittle
Posted 05-28-2021 13:19

Reply Reply Privately
Our security scanning product identified a vulnerable package, openssl-1.1.1d, in the Load Balancer container. This vulnerability is resolved in openssl-1.1.1k. Is this package upgraded in a fixpack, or a later version of DQ+? Also, what is the release date of 6.2?

https://security-tracker.debian.org/tracker/CVE-2021-3449
2. RE: Vulnerable openssl package in Load Balancer container

0 Like
Employee

Gerard Cafaro
Posted 06-02-2021 13:53

Reply Reply Privately
The next DQ+ release (6.2) also has openssl-1.1.1d within the Load Balancer container. I created an internal request with our Engineering teams for updating openssl, which will be addressed according to our Product Vulnerability Patching Standard.

DQ+ 6.2 doesn't have a specific release date yet, but to answer more generally, it's slated for the upcoming weeks.

About Precisely

About Us
Newsroom
Developers

Customer Support

Product Support
Community FAQ
Contact Us

Copyright ©2024 Precisely. All rights reserved worldwide.

Terms of Use
Legal
Privacy Notices
Trademarks
Your Privacy Choices
California Privacy Notices
Cookie Settings

Copyright ©2024 Precisely. All rights reserved worldwide.

Powered by Higher Logic