Problem Note 53341: OpenSSL vulnerabilities (05 Jun 2014) exist in the SAS® 9.4 Web Server
 |  |  |  |  |
SAS 9.4 Web Server includes OpenSSL 1.0.1c, which contains security vulnerabilities. These vulnerabilities are described in OpenSSL Security Advisory (05 Jun 2014).
Note: SAS 9.4 Web Server is part of the SAS® 9.4 Integration Technologies middle tier. The web server is included with SAS® BI Server, SAS® Enterprise BI Server, SAS® Visual Analytics, and any SAS® solution that includes a middle tier.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Web Server | Microsoft® Windows® for x64 | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 |
| 64-bit Enabled AIX | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| 64-bit Enabled Solaris | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| HP-UX IPF | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| Linux for x64 | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 | ||
| Solaris for x64 | 9.4 | 9.4 | 9.4 TS1M0 | 9.4 TS1M2 | ||
A fix for this issue for SAS Web Server 9.4_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/S48.html#53341A fix for this issue for SAS Environment Manager 2.1_M1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/S44.html#53341A fix for this issue for SAS Environment Manager 2.1 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/S43.html#53341A fix for this issue for SAS Web Server 9.4 is available at:
https://tshf.sas.com/techsup/download/hotfix/HF2/S46.html#53341| Type: | Problem Note |
| Priority: | alert |
| Date Modified: | 2015-07-09 18:44:22 |
| Date Created: | 2014-06-30 10:13:27 |