The forum will experience an outage sometime between February 10 at 7:00pm EST and February 12 at 11:59 EST for installation of security updates. The actual time and duration of the outage are unknown but attempts will be made to minimize the downtime. We apologize for any inconvenience.

There's a contradiction according to the "Heartbleed" fixes between the information in this FAQ and the newest EBF readme:

From Jason's statement in the FAQ answer:

Affected Versions - note that all platforms are impacted by this issue.
SQL Anywhere 12.0.1 ebf 3994-4085
SQL Anywhere 16.0 ebf 1690-1823

In contrast, the EBF readme (and the according CR) does name different affected versions:

================(Build #4086  - Engineering Case #761751)================

The OpenSSL vulnerability known as Heartbleed impacted some components of 
SQL Anywhere software as follows:
Affected Versions (note that all platforms were impacted by the vulnerability):
 - SQL Anywhere 12.0.1 builds 3994-4098
 - SQL Anywhere 16.0 builds 1690-1880

Am I right that the EBF information is wrong? - I hope so as there are no 16.0 EBFs available with build numbers beyond 1880...

asked 19 May '14, 03:38

Volker%20Barth's gravatar image

Volker Barth
accept rate: 32%

edited 19 May '14, 05:47

Presumably the EBF for Windows has the Heartbleed fix. Alas, the associated read-me file does not contain any mention of it (no mention of Engineering Case #761751, no references AT ALL to ANY changes made in build 1824).

I suspect the Evil Prince Haste is to blame :)

(19 May '14, 09:32) Breck Carter

Hm, as Jason has added here:

Update 7 (May 26, 2014): Further changes were required to fully resolve the security vulnerability known as Heartbleed. All Linux users concerned about Heartbleed should update to 12.0.1 SP74 (Build 4110) or newer and/or 16.0 SP13 (Build 1911) or newer. Windows users who use the FIPS option or who are using LDAP authentication should update to 12.0.1 SP72 (Build 4104) or newer and/or 16.0 SP14 (Build 1915) or newer

So, I would conclude the EBF readme note seems to be more up-to-date...

permanent link

answered 26 May '14, 10:13

Volker%20Barth's gravatar image

Volker Barth
accept rate: 32%

There is also an updated CR to reflect the additional changes needed - see CR #764130.

permanent link

answered 26 May '14, 10:52

Jeff%20Albion's gravatar image

Jeff Albion
accept rate: 24%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 19 May '14, 03:38

question was seen: 1,290 times

last updated: 26 May '14, 10:52