IBM Rational products not subject to CVE-2014-0160 Heartbleed vulnerability

Flash (Alert)


Abstract

This alert contains an interim list of IBM Rational products determined not to be vulnerable to CVE-2014-0160 Heartbleed vulnerability.

Content

IBM is analyzing its products to determine which ones may be affected by the OpenSSL Heartbleed vulnerability (CVE-2014-0160).

IBM products that require fixes will be communicated through the IBM Support Portal.

Please actively monitor the IBM Rational Support Portal for available fixes and the IBM PSIRT blog post for additional information.

The OpenSSL Heartbleed vulnerability (CVE-2014-0160) does NOT affect the following IBM Rational products at any level or on any platform:

  • IBM Mobile Quality Assurance
  • IBM Rational Jazz Team Server
  • IBM Rational Logiscope
  • IBM Rational Reporting for Development Intelligence
  • IBM Rational Insight
  • IBM Rational Lifecycle Integration Adapters Tasktop Edition
  • IBM Rational OSLC Adapter for HP ALM
  • IBM Rational OSLC Adapter for Git
  • IBM Rational OSLC Adapter for Atlassian Jira
  • IBM Rational Connector for SAP Solution Manager
  • IBM Rational Publishing Engine
  • IBM Rational Engineering Lifecycle Manager
  • IBM Rational Software Architect Design Manager
  • IBM Rational Rhapsody
  • IBM Rational Rhapsody Design Manager
  • IBM Rational DOORS
  • IBM Rational DOORS Web Access
  • IBM Rational Statemate
  • IBM Rational Functional Tester
  • IBM Rational Service Tester for SOA Quality
  • IBM Rational Performance Tester
  • IBM Rational Test RealTime
  • IBM Rational Integration Tester
  • IBM Rational Programming Patterns (RPPz)
  • IBM Rational Developer for AIX and Linux
  • IBM Rational Developer for i
  • IBM Rational Developer for System z
  • IBM Rational Application Developer for WebSphere Software
  • IBM Rational Development and Test Environment for System z
  • IBM Rational Quality Manager
  • IBM Rational Requirements Composer
  • IBM XL C/C++ compilers (all variations)
  • IBM PL/1 and PL/X compilers (all variations)
  • IBM COBOL compilers (all variations)
  • IBM XL Fortran compilers (all variations)
  • IBM Eclipse SDK (IES)
  • IBM Rational Asset Analyzer
  • IBM Personal Communications
  • IBM Rational PurifyPlus
  • IBM Rational Change
  • IBM Rational Synergy
  • IBM Rational Host On-Demand
  • IBM Rational Host Access Transformation Services
  • IBM Rational Rose RealTime
  • IBM Rational TTCN Suite
  • IBM Rational Tau
  • IBM Rational Rose
  • IBM Rational Systems Tester
  • IBM Rational Software Architect RealTime Edition
  • IBM Rational Asset Manager
  • IBM Rational Software Architect
  • IBM Rational Business Developer
  • IBM Rational Method Composer
  • IBM Rational System Architect
  • IBM Rational System Architect XT
  • IBM Rational Focal Point
  • IBM Rational Directory Server
  • IBM Rational Common Licensing
  • IBM UrbanCode Deploy
  • IBM UrbanCode Release
  • IBM Rational Automation Framework

Remediation: No action required.

Change History
    • 23 July 2014: Removed Requisite Pro (see this bulletin for details)
    • 24 April 2014: Added Rational Development and Test Environment for System z
    • 14 April 2014: Added Rational Asset Analyzer
    • 11 April 2014: Added Rational Functional Tester
    • 10 April 2014: original document published


Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Rational Jazz Team Server not affected by CVE-2014-0160

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Rational Customer Support
News and Information

Software version:

All Versions

Operating system(s):

AIX, HP-UX, Linux, Solaris, Windows

Reference #:

1670030

Modified date:

2014-07-23

Translate my page

Machine Translation

Content navigation