Logjam! New Security Vulnerability in the News

Logjam!  New Security Vulnerability in the News

Logjam is a new security vulnerability that has been in the news recently.  Logjam affects customers using SSL / TLS with weak cryptographic ciphers available on web servers.  If these weak ciphers are not disabled, a man-in-the-middle attack can be used to downgrade a strong cipher suggested by the browser to a vulnerable cipher.

This vulnerability affects all browsers except Internet Explorer 11.  I have seen reports that Chrome 45 has been released on the developer release channel that also protects against Logjam.  These "fixed" browsers protect against Logjam by denying access to the website if a weak cipher is suggested by the server.  The default set of ciphers used by Tomcat include weak ciphers.

For full details on the vulnerability and the configuration necessary to protect your server, see this paper on Mitigating-LogJam-in-SBM.

Continue reading
4957 Hits
0 Comments

Dimensions Alert Regarding Possible Sequence Spacing Issue

 Serena Support recently issued an alert on our web site to address a possible Dimensions sequencing issue on Oracle databases around unique identifiers.  We anticipate only a small number of customers may be affected but it is important to take proactive steps to avoid future failure.  If your database is affected and not addressed, the impact may leave Dimensions unable to add new items into the library.   This problem can be avoided by following the simple steps outlined in Solution S140907 from our knowledge base.  If you have already completed this action following the alert posting, there is no additional action needed. 

Continue reading
6004 Hits
0 Comments

Recent Tweets