Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

ClearPass OpenSSL fix for vulnerability - CVE-2014-0224 is now available

This thread has been viewed 0 times

  • 1.  ClearPass OpenSSL fix for vulnerability - CVE-2014-0224 is now available

    EMPLOYEE
    Posted Jun 13, 2014 04:42 PM
      |   view attached

    Hello all,

     
    We have released a patch for OpenSSL library vulnerability , CVE-2014-0224 for ClearPass versions 6.1.0 - 6.1.4 , 6.2.6 and 6.3.3.
     
    • For ClearPass 6.1 customers, the patch can be applied on all minor versions (6.1.0, 6.1.1, 6.1.2. 6.1.3, 6.1.4).
    • For ClearPass 6.2 customers, you have to update to 6.2.6 cumulative patch and then apply this patch.  
    • For ClearPass 6.3 customers, you have to update to 6.3.3 cumulative patch and then apply this patch.
     
    Please review the attached README for more information on how to install the patch for your respective ClearPass versions. In ClearPass UI, where supported the patch should be visible on the Software updates screen under the section “Firmware and Patch Updates”. It is also available on our support site (support.arubanetworks.com) at the following locations for offline install. 
    • Downloads —> ClearPass —> Policy Manager —> Archives —> 6.1.0 —> Patches.
    • Downloads —> ClearPass —> Policy Manager —> Archives —> 6.2.0 —> Patches.
    • Downloads —> ClearPass —> Policy Manager —> Current Release —> Patches.