Problem Note 60108: OpenSSL vulnerabilities exist in the SAS® 9.4 Web Server (OpenSSL advisories through 2nd January 2017)
SAS 9.4 Web Server includes OpenSSL 1.0.1u and earlier (dependent on the maintenance level of your SAS 9.4 software). OpenSSL 1.0.1 has been declared End of Life per a January 2, 2017 announcement on the OpenSSL website (openssl.org).
Note: SAS 9.4 Web Server is part of the SAS® 9.4 Integration Technologies middle tier. The web server is included with SAS® BI Server, SAS® Enterprise BI Server, SAS® Visual Analytics, and any SAS® solution that includes a middle tier.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
SAS System | SAS Web Server | Solaris for x64 | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
Linux for x64 | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
HP-UX IPF | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
64-bit Enabled Solaris | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
64-bit Enabled AIX | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
Microsoft® Windows® for x64 | 9.4 | 9.44 | 9.4 TS1M0 | 9.4 TS1M5 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | alert |
Date Modified: | 2019-09-18 14:48:24 |
Date Created: | 2017-03-10 09:08:24 |