Home Help Center

Rebuild for new OpenSSL vulnerability

rleighrleigh Member Roger LeighOrganization: University of DundeeProject: OMERO (Open Microscopy Environment)
With regard to the latest OpenSSL vulnerabilities, fixed with OpenSSL 1.0.1h, will the ThirdPartySources be updated and the ZeroC binary packages be updated to resolve the currently present security bugs? Is there an ETA for this?

Does ZeroC proactively track security issues in its dependent packages?


Kind regards,
Roger Leigh

Comments

  • xdmxdm La Coruña, SpainAdministrators, ZeroC Staff Jose Gutierrez de la ConchaOrganization: ZeroC, Inc.Project: Ice Developer ZeroC Staff
    We will shortly updates the Windows installers and the third party source packages, after we test there isn't any compatibility issues. For Linux and OS X where we use the system OpenSSL libraries you will need to wait until the distributions provide the updates.
  • xdmxdm La Coruña, SpainAdministrators, ZeroC Staff Jose Gutierrez de la ConchaOrganization: ZeroC, Inc.Project: Ice Developer ZeroC Staff
    Hi Roger,

    Ice distributions that include the latest openssl-1.0.1h are available in our download page, see the announcement for details.
  • rleighrleigh Member Roger LeighOrganization: University of DundeeProject: OMERO (Open Microscopy Environment)
    Re: Rebuild for new OpenSSL vulnerability

    Sorry for not replying sooner, but I just wanted to say thank you for making the rebuilt third party sources available so quickly. We were able to rebuild all our dependent packages shortly afterward.


    Thanks again,
    Roger
Sign In or Register to comment.