PeopleSoft and Heartbleed April 22, 2014Posted by Duncan in PeopleTools, TW.
Oracle have released a post detailing exactly which products are vulnerable to Heartbleed, which have fixes available and which aren’t vulnerable at all.
If you aren’t aware of what Heartbleed is, here’s a primer:
There’s also an excellent web-comic here that explains quickly how the exploit works:
Here is Oracle’s list:
Happily, PeopleSoft is on the ‘not vulnerable’ list.
This doesn’t mean that you’re completely safe of course. You may well be using other components in your system that were impacted. At Succeed, for example, we use Amazon’s Elastic Load Balancer that was vulnerable but has now been patched.