squip_86995
Apr 07, 2014Nimbostratus
OpenSSL and Heart Bleed Vuln
Get the latest updates on how F5 mitigates Heartbleed
Hi Team,
I know this question is eventually going to be asked - I may as well do it.
With the news today about the Heartbleed OpenSSL Vulnerability (http://heartbleed.com) I wanted to confirm if we are at any risk. All of my LTM V11 and V10 instances are running OpenSSL 0.9.8x which does not appear to be a vulnerable version of OpenSSL... Does the F5 hook into this when we Sign/Request SSL Certs? If so we're sitting pretty, right?
Thanks.
Updates based on feedback:
ul
Update 2: F5 have published a security advisory on this issue - http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html