IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry

OpenSSL vulnerabilities were discolsed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM SmartCloud Entry. IBM SmartCloud Entry has addressed the applicable CVEs.

CVE(s): CVE-2016-6302, CVE-2016-6304, CVE-2016-6305, CVE-2016-6303, CVE-2016-2182, CVE-2016-2180, CVE-2016-2177, CVE-2016-2178, CVE-2016-2181, CVE-2016-2179, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2183

Affected product(s) and affected version(s):

IBM SmartCloud Entry Hyper-V Agent 3.1.0 through 3.1.0.4 interim fix 3,

IBM SmartCloud Entry Hyper-V Agent 3.2.0 through 3.2.0.4 interim fix3,

IBM Cloud Manager with OpenStack Hyper-V Agent 4.1.0 thorugh 4.1.0.5,

IBM tCloud Manager with OpenStack Hyper-V Agent 4.3.0 through 4.3.0.7

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2fBIOCU
X-Force Database: http://ift.tt/2dR4fNY
X-Force Database: http://ift.tt/2dmY7tO
X-Force Database: http://ift.tt/2dR3XX1
X-Force Database: http://ift.tt/2dmXjFz
X-Force Database: http://ift.tt/2dR45pA
X-Force Database: http://ift.tt/2dmWOvf
X-Force Database: http://ift.tt/2aPXjQq
X-Force Database: http://ift.tt/2asKHex
X-Force Database: http://ift.tt/2dmXLUk
X-Force Database: http://ift.tt/2dR5fBu
X-Force Database: http://ift.tt/2dmYpRr
X-Force Database: http://ift.tt/2dR3Smm
X-Force Database: http://ift.tt/2dmYa8Y
X-Force Database: http://ift.tt/2dR3VyC

The post IBM Security Bulletin: Vulnerabilities in OpenSSL affect IBM SmartCloud Entry appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2xMQLf8