Security

Reply
Aruba
Posts: 1,537
Registered: ‎06-12-2012

OpenSSL - Alternative Chains Certificate Forgery Patch for ClearPass 6.5.2 is now available!

On July 9th 2015, the OpenSSL Project reported a high-severity vulnerability in certain versions of OpenSSL. The vulnerability affects processing of certificate trust chains. ClearPass version 6.5.2 which was released on June 26th 2015 and contains OpenSSL version 1.0.1o which is affected by the vulnerability. No other ClearPass releases are affected by this issue.

Additional details can be found in the updated security advisory which is attached and will be updated shortly on the public Security Advisory page.

The patch file is available for download in the ClearPass Software Update Portal and also from the support.arubanetworks.com at the following location.

Download Software > ClearPass > Policy Manager > Archives > 6.5.0 > Patches
Thank You,
Troy

--Give Kudos: found something helpful, important, or cool? Click Kudos Star in a post.

--Problem Solved? Click "Accepted Solution" in a post.
MVP
Posts: 1,406
Registered: ‎11-30-2011

Re: OpenSSL - Alternative Chains Certificate Forgery Patch for ClearPass 6.5.2 is now available!

thanks for the quick fix guys.

 

one small detail, from the GUI the patch mentions release notes, but there is nothing there where the link takes you.

Search Airheads
Showing results for 
Search instead for 
Did you mean: