IBM Security Bulletin: Vulnerabilities in SSL affect IBM DataPower Gateways

SSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. IBM DataPower Gateways has addressed the applicable CVEs.

CVE(s): CVE-2016-6304, CVE-2016-2182, CVE-2016-2177, CVE-2016-2178, CVE-2016-6306, CVE-2016-2183

Affected product(s) and affected version(s):

IBM DataPower Gateways appliances all versions through 7.0.0.15, 7.1.0.12, 7.2.0.9, 7.5.0.3, 7.5.1.2 and 7.5.2.0.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gVE8XF
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3VyC



from IBM Product Security Incident Response Team http://ift.tt/2gJ239A