IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cloud Manager

OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cloud Manager. IBM Cloud Manager has addressed the applicable CVEs.

CVE(s): CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-6304, CVE-2016-6305, CVE-2016-2183, CVE-2016-2181, CVE-2016-6302, CVE-2016-2182, CVE-2016-2180, CVE-2016-6303, CVE-2016-8610

Affected product(s) and affected version(s):

IBM Cloud Manager with OpenStack 4.3.0 through 4.3.0.6,
IBM Cloud Manager with OpenStack 4.1.0 through 4.1.0 5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2eTCXIs
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dR3VyC
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2hNr07D

The post IBM Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Cloud Manager appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2eTCZA4