OpenSSL vulnerability CVE-2014-0160 (Heartbleed)


Summary

The National Institute of Standards and Technology (NIST) has published a vulnerability to OpenSSL 1.0.1. Details regarding the vulnerability are available from the NIST website. The following Kerio products used the affected version of the OpenSSL library‚Ķ 

Resolution

A fix is available for Kerio Connect as of version 8.2.4. You can download this release from the Kerio Website.

A fix is available for Kerio Operator as of version 2.2.5. You can download this release from the Kerio Website.

A fix is available for Kerio Control as of version 8.2.2 patch 2. You can download this release from the Kerio Website.

Additional information and security precautions can be found at the following location: http://goo.gl/filNif



Article Number: 1585
Posted: Tue, Apr 8, 2014 8:41 PM
Last Updated: Thu, Jul 21, 2016 1:02 PM
Posted: Brian Carmichael

Online URL: http://kb.kerio.com/product/kerio-operator/openssl-vulnerability-cve-2014-0160-heartbleed-1585.html