On Tue, Apr 8, 2014 at 5:17 PM, Michael Garrison <mcgarr@umich.edu> wrote:

We asked support and some of our very helpful NetApp folks earlier
today and received the following bug IDs:

815987 - A public report should be prepared to indicate that this is
not applicable to existing releases as no version of ONTAP ships with
OpenSSL 1.0.1x.

795741 CVE-BUNDLE-OPENSSL: Upgrade OCUM 6.x OpenSSL to 1.0.1g

795814 CVE-BUNDLE-OPENSSL: Upgrade OPM (post-1.0) OpenSSL to 1.0.1g

795466 is for OCUM 5.2XX

So ONTAP isn't vulnerable, but other things like OCUM are.

Hope that helps,
Mike Garrison

On Tue, Apr 8, 2014 at 5:08 PM, Douglas Siggins <siggins@gmail.com> wrote:
> Greetings,
> Looking for a quick way to determine what versions of SSL are in use
> in DOT (7-mode). I could not find anything specific.
>
> http://heartbleed.com/
>
>
> I assume the version of SSL is probably not 1.0.1 - 1.0.1f on the
> Netapps. Anyone have any ideas where to look?
> _______________________________________________
> Toasters mailing list
> Toasters@teaparty.net
> http://www.teaparty.net/mailman/listinfo/toasters
_______________________________________________
Toasters mailing list
Toasters@teaparty.net
http://www.teaparty.net/mailman/listinfo/toasters