Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 158 replies
  • Subscribers 3 subscribers
  • Views 151016 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Timeline for patching SSL vulnerability (Heartbleed Bug)

strategicdata
Heatbleed Bug (CVE-2014-0160)

Hi

Is there any timeframe for patching this SSL/TLS bug for Astaro Security Gateway V8.
We are on the latest 8.311 (as V8 is an approved appliance for us and V9 is not).

Thanks


Heartbleed Bug
https://news.ycombinator.com/item?id=7548991


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to SIKN
    I had no problem with my cluster. 

    Only the RED 10 devices were still offline after proceding with the KB Heartbleed: Recommended steps for UTM
    Reboot of both (!) UTM's has solved the problem.


    Hello everybody,
    I updated our active/passive cluster to 9.111 but the RED tunnel doesn't want to come up again... The RED10 is configured in transparent-split mode with fixed IP inthe remote LAN and actually all the clients behind the RED are browsing the web (as configured), but the tunnel with our UTM doesn't work. I try to reboot the UTM as reported by Inter, but without succes-
    The RED log is not helpful: 

    2014:04:14-15:04:43 fw001-2 red_server[19395]: SELF: RED50 local fw version set to 2031
    2014:04:14-15:04:43 fw001-2 red_server[19395]: SELF: IO::Socket::SSL Version: 1.953
    2014:04:14-15:04:43 fw001-2 red_server[19395]: SELF: Startup - waiting 15 seconds ...
    2014:04:14-15:04:58 fw001-2 red_server[19395]: SELF: Overlay-fw has been updated ...
    2014:04:14-15:04:58 fw001-2 red_server[19406]: UPLOAD: Uploader process starting
    2014:04:14-15:04:58 fw001-2 red_server[19395]: SELF: (Re-)loading device configurations
    2014:04:14-15:04:58 fw001-2 red_server[19395]: A3000*********x: New device
    2014:04:14-15:04:58 fw001-2 red_server[19395]: A3000*********x: Staging config for upload
    2014:04:14-15:04:58 fw001-2 red_server[19395]: A3000*********xA: device config changed, kicking to force reconfiguration
    2014:04:14-15:05:00 fw001-2 red_server[19406]: UPLOAD: [A3000*********x] Uploaded config to registry service
    2014:04:14-15:07:46 fw001-2 red_server[19395]: SELF: (Re-)loading device configurations 

    The last line is now repeated [:(]

    Has anyone any idea?

    Thanks Luigi