jump to navigation

PeopleSoft and Heartbleed April 22, 2014

Posted by Duncan in PeopleTools, TW.
trackback

Oracle have released a post detailing exactly whichheartbleed products are vulnerable to Heartbleed, which have fixes available and which aren’t vulnerable at all.

If you aren’t aware of what Heartbleed is, here’s a primer:

http://www.engadget.com/2014/04/12/heartbleed-explained/

There’s also an excellent web-comic here that explains quickly how the exploit works:

http://xkcd.com/1354/

Here is Oracle’s list:

http://www.oracle.com/technetwork/topics/security/opensslheartbleedcve-2014-0160-2188454.html

Happily, PeopleSoft is on the ‘not vulnerable’ list.

This doesn’t mean that you’re completely safe of course. You may well be using other components in your system that were impacted. At Succeed, for example, we use Amazon’s Elastic Load Balancer that was vulnerable but has now been patched.

Advertisement

Comments

1. satishperala - April 23, 2014

Haha … I love that comic. That is exactly what the bug does 😉

Btw, I have created a utility to test if any site is vulnerable to heartbleed bug at heartbleedtester.org
Hopefully, it should help some of your readers here.

2. karthikeyanram - April 30, 2014

That’s very nice!! 🙂


Sorry comments are closed for this entry

%d bloggers like this: