https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513313#M31806 <P>Fair enough.. lets cross our fingers i guess..</P> Mon, 07 Apr 2025 08:40:37 GMT tin_u 2025-04-07T08:40:37Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2505866#M29107 <P>Good day<BR /><BR />When should we expect the release of&nbsp;<SPAN>QB-28631 or QB-28762, now we are sitting with a situation (<A href="https://cyberpress.org/openssl-vulnerability/" target="_blank">https://cyberpress.org/openssl-vulnerability/</A>) and Microsoft Defender has picked up Qlik Sense's OpenSSL files need to be updated.</SPAN></P> <P>&nbsp;</P> <P>Affected Files:<BR /><BR /></P> <P>c:\program files\common files\qlik\custom data\qvodbcconnectorpackage\drill\lib\openssl64.dlla\libcrypto-3-x64.dll<BR />c:\program files\common files\qlik\custom data\qvodbcconnectorpackage\drill\lib\openssl64.dlla\libssl-3-x64.dll</P> <P><BR />c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\oracle\lib\libcrypto-3-x64.dll<BR />c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\oracle\lib\libssl-3-x64.dll<BR />c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\libcurl64.dlla\openssl64.dlla\libcrypto-3-x64.dll</P> <P>c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\libcurl64.dlla\openssl64.dlla\libssl-3-x64.dll<BR />c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\openssl64.dlla\libcrypto-3-x64.dll<BR />c:\programdata\package cache\af7aeebf-6f94-4a09-9113-21295ed47105\qvodbcconnectorpackage\spark\lib\openssl64.dlla\libssl-3-x64.dll</P> <P>&nbsp;</P> <P>cc:&nbsp;<a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/160205">@Lass</a>&nbsp;</P> <P>&nbsp;</P> Fri, 14 Feb 2025 05:36:38 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2505866#M29107 BernieMaf 2025-02-14T05:36:38Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2506540#M29108 <P><a href="https://community.qlik.com/t5/user/viewprofilepage/user-id/130975">@Nick_Asilo</a>&nbsp;can you please assist?</P> Wed, 19 Feb 2025 08:27:42 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2506540#M29108 BernieMaf 2025-02-19T08:27:42Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2512742#M31793 <P>Do we have any status on this that Qlik recognize this as an issue?</P> Wed, 02 Apr 2025 12:25:42 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2512742#M31793 tin_u 2025-04-02T12:25:42Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2512746#M31794 <P>Nothing at all.<BR />QLIK support is non-existent on issues we raise. I guess they are willing to pay when we get breached because of their products.<BR />Security is not that important to them, postmen are quicker than their security team when it comes to delivery.</P> Wed, 02 Apr 2025 12:43:11 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2512746#M31794 BernieMaf 2025-04-02T12:43:11Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513004#M31796 <P>Just got a reply from support regarding my ticket where i raised some of these concerns, and it seems like these issues will be addressed in the May 2025 Initial Release..</P> Thu, 03 Apr 2025 14:31:31 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513004#M31796 tin_u 2025-04-03T14:31:31Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513009#M31797 <P>I won't get my hopes up. We were told last year that it would be addressed in the November 2024 release, but here we are.</P> Thu, 03 Apr 2025 14:35:11 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513009#M31797 BernieMaf 2025-04-03T14:35:11Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513313#M31806 <P>Fair enough.. lets cross our fingers i guess..</P> Mon, 07 Apr 2025 08:40:37 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513313#M31806 tin_u 2025-04-07T08:40:37Z https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513316#M31807 <P>I have already gone through the Technical Preview for May 2025&nbsp;<A href="https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-Technical-Preview-for-May-2025/ta-p/2512973" target="_blank">https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-Technical-Preview-for-May-2025/ta-p/2512973</A>&nbsp;and I don't see the resolution for our issue.<BR />The only thing close to our issue is the QB-29866 (<SPAN>Qlik Sense: libcurl library updates).</SPAN></P> Mon, 07 Apr 2025 08:53:45 GMT https://community.qlik.com/t5/Management-Governance/Critical-OpenSSL-Vulnerability/m-p/2513316#M31807 BernieMaf 2025-04-07T08:53:45Z