Problem Note 53245: OpenSSL security vulnerabilities (05 Jun 2014) exist in SAS/SECURE™ software
 |  |  |  |  |
For SAS® 9.3 and SAS® 9.4 (TS1M0 and TS1M1) in UNIX and z/OS operating environments, SAS/SECURE software includes OpenSSL 0.9.8, which contains security vulnerabilities. These vulnerabilities are described in the OpenSSL Security Advisory (05 Jun 2014).
Click the Hot Fix tab in this note to access the hot fix for this issue.
This hot fix upgrades the version of OpenSSL to 0.9.8za.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS/SECURE 168-bit | z/OS | 9.3 | 9.3 TS1M2 | ||
| Z64 | 9.3 | 9.3 TS1M2 | ||||
| 64-bit Enabled AIX | 9.3 | 9.3 TS1M2 | ||||
| 64-bit Enabled HP-UX | 9.3 | 9.3 TS1M2 | ||||
| 64-bit Enabled Solaris | 9.3 | 9.3 TS1M2 | ||||
| HP-UX IPF | 9.3 | 9.3 TS1M2 | ||||
| Linux | 9.3 | 9.3 TS1M2 | ||||
| Linux for x64 | 9.3 | 9.3 TS1M2 | ||||
| Solaris for x64 | 9.3 | 9.3 TS1M2 | ||||
| SAS System | SAS/SECURE | z/OS | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 |
| Z64 | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| 64-bit Enabled AIX | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| 64-bit Enabled Solaris | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| HP-UX IPF | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| Linux for x64 | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| Solaris for x64 | 9.4 | 9.4_M2 | 9.4 TS1M0 | 9.4 TS1M2 | ||
A fix for this issue for SAS/Secure SSL 9.4_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M88.html#53245A fix for this issue for SAS/Secure SSL 9.4_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M88.html#53245A fix for this issue for SAS Threaded Kernel 9.4_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M88.html#53245A fix for this issue for SAS Threaded Kernel 9.3_M2 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/I22.html#53245A fix for this issue for Base SAS 9.4_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/M88.html#53245A fix for this issue for Base SAS 9.4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/L08.html#53245A fix for this issue for SAS/Secure SSL 9.4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/L08.html#53245A fix for this issue for Base SAS 9.3_M2 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/I22.html#53245A fix for this issue for SAS/Secure SSL 9.3_M2 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/I22.html#53245A fix for this issue for Base SAS 9.3_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/F98.html#53245A fix for this issue for SAS/Secure SSL 9.3_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/T21.html#53245| Type: | Problem Note |
| Priority: | alert |
| Date Modified: | 2014-06-18 13:11:18 |
| Date Created: | 2014-06-17 16:03:34 |