-
1. Re: Is RTMPS affected by the Heartbleed bug?
namitagrawalApr 15, 2014 10:30 PM (in response to borno13)
OpenSSL version used by AMS for RTMPS is not affected by HeartBleed vulnerability.
-
2. Re: Is RTMPS affected by the Heartbleed bug?
borno13 Apr 16, 2014 6:45 AM (in response to namitagrawal)Thanks for your reply. That was helpful. I also want to ask if there is any specific version of AMS that is vulnerable to the Heartbleed bug and if it should be upgraded?
-
3. Re: Is RTMPS affected by the Heartbleed bug?
namitagrawalApr 17, 2014 3:22 AM (in response to borno13)
This holds true for all shipping versions of AMS
-
4. Re: Is RTMPS affected by the Heartbleed bug?
borno13 Sep 19, 2014 12:48 PM (in response to namitagrawal)Hi Namita,
I just found this thread : OpenSSL vulnerability 6 Aug 2014 from August and it says AMS 5.0.6 has the fix for the bug. So other versions 5.0.1 through 5.0.5 are affected by the bug?
Could you please clarify?
Thanks a bunch.
-
5. Re: Is RTMPS affected by the Heartbleed bug?
hparmarSep 21, 2014 1:50 AM (in response to borno13)
Yes
-
6. Re: Is RTMPS affected by the Heartbleed bug?
borno13 Sep 23, 2014 9:15 AM (in response to hparmar)Thanks a lot for confirming hparmar. Is there a reason Adobe delayed the release of the patch?
-
7. Re: Is RTMPS affected by the Heartbleed bug?
hparmarSep 26, 2014 4:28 AM (in response to borno13)
if openssl releases a patch we try our best to incorporate it in next possible release of AMS.
Even otherwise, openssl can be compiled separately and dropped into AMS installation...Adone encourages its customers to do so and we have documented the steps required to compile openssl for AMS and made them available on internet docs.Just google for "Adobe media server openssl compile".
-
8. Re: Is RTMPS affected by the Heartbleed bug?
ashish gupta.Sep 26, 2014 4:44 AM (in response to hparmar)
Sharing the link.