OpenSSL vulnerabilities were disclosed on December 3, 2015 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearQuest. IBM Rational ClearQuest has addressed the applicable CVEs.
CVE(s): CVE-2015-3196, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195
Affected product(s) and affected version(s):
IBM Rational ClearQuest, versions 7.1.0.x, 7.1.1.x, 7.1.2.x, 8.0.0.x, 8.0.1.x, and 9.0 in the following components:
- ClearQuest hooks and cqperl/ratlperl scripts that use SSL.
- Database drivers configured to use SSL connections to the database.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/1qXdPQT
X-Force Database: http://ift.tt/1KB3SSD
X-Force Database: http://ift.tt/1rd28Gc
X-Force Database: http://ift.tt/1KB3Vh1
X-Force Database: http://ift.tt/1QmYT4z
| ClearQuest version | Status |
| 9.0 | Affected |
| 8.0.1 through 8.0.1.10 | Affected |
| 8.0 through 8.0.0.17 | Affected |
| 7.1.0.x 7.1.1.x 7.1.2.x (all versions and fix packs) |
Affected |
from IBM Product Security Incident Response Team http://ift.tt/1WUFYG9
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.