http://coldfusion.com logo
Join Slack
Powered by
If so, wondering about whether there will be a hot...
# adobe
m
If so, wondering about whether there will be a hotfix to address https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html that lands today (similar to heartbleed vuln)
j
You might want to do a quick search of slack, this was discussed the other day briefly.
👍 1
m
Are you thinking of this one? https://cfml.slack.com/archives/C06T9CQ0N/p1666880516977439 That's the only one I could spot right off
☝🏻 1
j
Yep!
I hope that helps.
👍 1
m
Ok, gotcha. It looks like it was inconclusive. Kind of ends with "maybe via Java 🤷". @Mark Takata (Adobe) do you think you could track down a definitive answer on whether we need to be concerned?
👍🏻 1
m
checking...
👍 1
m
https://cfml.slack.com/archives/C06T9CQ0N/p1667317966675689?thread_ts=1666880516.977439&cid=C06T9CQ0N And if the answer is "not directly, but depends on what web server is running under the hood" I'm fine with that as well
right now I think we're using the Ortus CB container, so I'd have to dig into that and see what's going on there, fwiw
any word yet?
k
I seem to recall the last time there was an openssl issue, getting any response at all out of Adobe was like pulling a mouth full of teeth.
p
Hi All, Just want to update everyone that CF is not impacted by OpenSSL vulnerability.
❤️ 3
2
m
Thank you for confirming this Priyank ❤️
👍 1
m
@priyank_adobe can you confirm that AWS AMI installs through Adobe partners are also not affected?
@priyank_adobe just checking if you saw my above question
m
Hey Mith, just a heads up, Priyank has just gone on his sabbatical. He will be unavailable for a few weeks. Adobe folks get a multiple week sabbatical every five years.
👍 1
🏖️ 1
p
@thanks @Mark Takata (Adobe). @mithlond Yes those are also not affected.
❤️ 1
m
woot - thank you! and sorry to bother you on your vacation. enjoy! 🏝️
3 Views
Open in Slack
PreviousNext
Powered by