Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Heartbeat Open SSL Vulnerability - what is Alfresco doing in response

dmertz123
Champ in-the-making
Champ in-the-making

‎04-10-2014 03:57 PM

Assuming the servers which are hosting alfresco are Linux based, have the servers been checked to see if they are vulnerable to the OpenSSL heartbeat vulnerability? 

When were the servers updated?

What else is being done to pre-emptively address possibly exposed certificates, passwords, encryption keys, etc.?
Labels:
0 Kudos
3 REPLIES 3

petep
Champ in-the-making
Champ in-the-making

‎04-11-2014 04:40 AM

Thanks for the enquiry. I can confirm that all servers at Alfresco have been patched and all necessary authentication tokens rotated. Please see our statement on the matter at https://portalalfresco.secure.force.com/articles/en_US/Security_Bulletin/OpenSSL-vulnerability-Heart...
0 Kudos

mrogers
Star Contributor
Star Contributor

‎04-11-2014 04:44 AM

Patches have been applied.

I'm not in a position to give further details and wouldn't post specific security details anyway.
0 Kudos

jpotts
World-Class Innovator
World-Class Innovator

‎04-11-2014 10:37 AM

For folks who cannot log in to the support portal, Pete has added a post in the Announcements forum here:
http://forums.alfresco.com/forum/general/announcements/heartbleed-ssl-vulnerability-cve-2014-0160-04...

Jeff
Jeff Potts
https://www.metaversant.com | https://ecmarchitect.com
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC