We have patched our back end OSes against openssl and we're replacing the purchased certificate on the front end of our CAS service. this openssl vulnerability is going to be a windfall for SSL CA signers!
- Rex Roof WCC Systems Engineer <[email protected]> 734-973-3478 On Wed, Apr 9, 2014 at 3:12 PM, Linda Toth <[email protected]> wrote: > Thanks - that summarizes my understanding. > > In our case, that does apply. But I then wondered about native CAS as > well. > > Regards, > > Linda > > -- > > Linda Toth > University of Alaska - Office of Information Technology (OIT) - Identity > and Access Management > 910 Yukon Drive, Suite 103 > Fairbanks, Alaska 99775 > Tel: 907-450-8320 > Fax: 907-450-8381 > [email protected] | www.alaska.edu/oit/ > > > > On Wed, Apr 9, 2014 at 11:04 AM, Carlos Fernandez <[email protected]>wrote: > >> IIUC, it depends on the container. In the case of Tomcat, the APR-based >> connector uses OpenSSL. Similarly, using Apache in front of Tomcat will >> bring OpenSSL into the mix as well. >> >> Best regards, >> -- >> Carlos M. Fernández >> Sr. Enterprise Systems Admin >> Saint Joseph's University >> W: 610-660-1501 >> M: 215-316-1193 >> E: [email protected] >> >> On Apr 9, 2014, at 14:53, Linda Toth <[email protected]> wrote: >> >> Hi >> >> Does any component of CAS rely on any Open SSL libraries. >> >> Linda >> >> -- >> Linda Toth >> University of Alaska - Office of Information Technology (OIT) - Identity >> and Access Management >> 910 Yukon Drive, Suite 103 >> Fairbanks, Alaska 99775 >> Tel: 907-450-8320 >> Fax: 907-450-8381 >> [email protected] | www.alaska.edu/oit/ >> >> -- >> You are currently subscribed to [email protected] as: [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> >> > -- > You are currently subscribed to [email protected] as: [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
