WEBppliance 3.1.10 LS
WEBppliance 3.1.10 provides a security patch that resolves the OpenSSL vulnerability
that allows a potential timing-based attack and a modified Bleichenbacher attack.
It also fixes one high priority bug.
This Patch requires WEBppliance 3.1.9 to be installed on your server.
NOTE : This patch will not install on any other version of WEBppliance other than 3.1.9
Security patch for OpenSSL Vulnerability
OpenSSL vulnerability that allows a potential timing-based attack and a modified
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a
allow remote attackers to perform an unauthorized RSA private key operation via
a modified Bleichenbacher attack that uses a large number of SSL or TLS connections
using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the
relationship between ciphertext and the associated plaintext, aka the
Advisory details for the security patch are available at the following URL:
Other Resolved Issues :
- After upgrading the existing WEBppliance 3.1.x server, domain preview using
http://servername/domainname/ was broken. This problem is corrected in
Download site: (be sure to downloadusing BINARY mode)
To install the patch, please follow the instructions below:
- Download the file LS-3.1.10-1.tar.gz
- Uncompress the file:
tar -xvzf LS-3.1.10-1.tar.gz
- Change the current directory to the directory where you have uncompressed the file:
- Run the following command
# sh ./patch-install-3.1.10-1.sh
The install script verifies the current installation of WEBppliance to ensure that it complies with the patch requirements and then upgrades the required RPMs (requires root access).
This install script will automatically restart httpd (apache) and webppliance services.