FAQ: Are NComputing products affected by HeartBleed?

            We have reviewed NComputing products to determine the impact for the issue described in CVE-2014-0160 (also known as the Heartbleed bug) and determined that there is no exposure to the vulnerability described in CVE-2014-0160 (link: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160) that can result from the use of NComputing supplied hardware or software products.

            Customers using NComputing software products with OpenSSL on their own Linux images should follow the instructions contained here to update their Ubuntu Linux Operating System (link: http://www.ubuntu.com/usn/usn-2165-1/) images in order to protect themselves from the Heartbleed bug.  As an added precaution, we recommend that you rotate any secrets or keys (e.g. your SSL certificates) that were used by the affected OpenSSL process.

            In addition, customers should review the information posted on the Apache Tomcat Wiki at https://wiki.apache.org/tomcat/Security/Heartbleed to determine whether their Tomcat deployment requires OpenSSL updates on other Linux images that may be used in conjunction with NComputing products.  

            If you have any questions regarding this or other NComputing technical issues or concerns in your environment, please feel free to contact us or review additional self help technical content at the following link.


            Article: 441

            REV 01/18
            Updated: 05 Jan 2018 02:02 AM
            Help us to make this article better
            0 0