I see that a patch was released for 5.0 that fixes the OpenSSL issue. Is a patch going to be released for 4.4?
We are currently running 4.4 and a non-vulnerable version of the Odyssey Client (5.4).
The release notes for 5.0 says that it supports Odyssey 5.5 or 5.6 and above, so if we go to UAC 5.0 that means we also have to upgrade all 1000 desktop clients... Not a fun thing to do on short notice.
Solved! Go to Solution.
I understand your concerns and I know upgrading all OAC client machines is a tough job!
Yes, there is going to be a fix for vulnerable 4.4Rx release.
The fix would be available in 4.4R10 release, which is tentatively scheduled to be released by last week of April.
I understand your issue.
The below Juniper Knowlegde base link also information on Details on fixes for OpenSSL "Heartbleed" issue with respect to Junos Pulse/IC (UAC).
The above link also has fixed release information in 5.0 UAC, 4.4 UAC , 5.0 & 4.0 Pulse , you also have download link from this KB which redirects to the s/w download site.
I hope this will help you.
Note: If I have answered your questions, you could mark this post as accepted solution, that way it could help others as well. Kudo will be a bonus thanks!
Thanks for the followup. I have upgraded all our systems to 4.4r10 and are going to be moving to 5.0 and pulse in the next couple months...