|
I have verified with a friend in IBM. The HTTP server on IBM I does not use OpenSSL. SSL for their webserver is IBM's own implementation so this vulnerability does not apply to it.
The OpenSSL version in PASE which can be used for other things is version 0.9.8 which also does not have the bug. So no matter what, you are not at risk for this issue.
Brian May
IBM i Modernization Specialist
Profound Logic Software
http://www.profoundlogic.com
937-439-7925 Phone
877-224-7768 Toll Free
Modernization Made Easy!
www.profoundlogic.com
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of AHoerle@xxxxxxxxxxxxx
Sent: Thursday, April 10, 2014 11:26 AM
To: Midrange Systems Technical Discussion
Subject: RE: Encryption methods on the i
It appears the latest version available is 0.9.8m per the PTF listing located at http://www-01.ibm.com/support/docview.wss?uid=nas8N1012172 so we should all be fine.
Not sure what you have or need to show a manager?
1. call qp2term 2. cd /QOpenSys/QIBM/UserData/SC1/OpenSSL 3. ls
On my system I see:
openssl-0.9.7d openssl-0.9.8j
Are we having fun yet???
Amy Hoerle
System Administrator
Think Mutual Bank
5200 Members Pkwy NW, Box 5949
Rochester, MN 55901
507-536-5815 or
800-288-3425 Ext 5815
ahoerle@xxxxxxxxxxxxx
From: "Jim Oberholtzer" <midrangel@xxxxxxxxxxxxxxxxx>
To: "'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>
Date: 04/10/2014 08:51 AM
Subject: RE: Encryption methods on the i
Sent by: midrange-l-bounces@xxxxxxxxxxxx
The version of OpenSSL on the V7R1 and very recent PTFs that I have is 9.8 so that is before the problem.
--
Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Raul A. Jager W.
Sent: Thursday, April 10, 2014 8:50 AM
To: Midrange Systems Technical Discussion
Subject: Re: Encryption methods on the i
Does the apache in the i have the vulnerability?
Bradley Stone wrote:
Is there a reason that you can't just use SSL or TLS for the transmission (either over FTP or HTTP)?<charles.wilt@xxxxxxxxx>wrote:
Of course, making sure your OpenSSL is patched first. :)
Why add a layer of complexity on both ends when you can have the system do it for you?
Brad
www.bvstools.com
On Wed, Apr 9, 2014 at 11:15 AM, Charles Wilt
wrote:
The API's David pointed out are what you want.
Realize that you'll need to open the file in binary mode and the the decrypted results will be in ASCII.
Charles
On Wed, Apr 9, 2014 at 12:07 PM, Jeff Young <jyoung0950@xxxxxxxxx>
this?
Based on the information I have at this time, they want to just encryptthe
data on their system (non ibm i) before transmission to prevent unauthorized access.(not
They are sending ascii csv data, so the records and fields with them are varying length.
Jeff Young
Sr. Programmer Analyst
On Wed, Apr 9, 2014 at 10:55 AM, <rob@xxxxxxxxx> wrote:
Encrypting the actual data, or the communication?to
For example, I could use sftp to transfer files encrypted between two systems. That would encrypt the communications but not the actual data itself. You could put a sniffer on that comm but you would not be able
make any sense out of that.
Many people use free sftp between disparate entities.
Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com
From: Jeff Young <jyoung0950@xxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx
Date: 04/09/2014 10:42 AM
Subject: Encryption methods on the i
Sent by: midrange-l-bounces@xxxxxxxxxxxx
All,
I have a client that is presently sending files from another system
i)program
to the IFS in CSV format..
They are planning to encrypt the data prior to transmission and my
will need to decrypt it before processing.
What encryption / decryption methods are available on the i to do
wouldAt this time, the client has not chosen an encryption method and theywant
to ensure that the decryption process is available for the i.
At this time, they are not looking for a commercial solution, and I
listprefer a solution that could be used an ILE RPG program, or a system command.list
TIA,
Jeff Young
Sr. Programmer Analyst
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,--
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,--
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
