-
Type: Task
-
Resolution: Done
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: manual
-
Labels:
In SECURITY-161 we are coordinating a response to the heartbleed vulnerability.
This bug affects products bundled with specific versions of OpenSSL. We need to include a notice in our documentation stating the version of OpenSSL that is shipped with the Windows Enterprise Build. This can then be referenced to show we are not vulnerable.
I propose adding
MongoDB Enterprise for Windows ships with OpenSSL version 1.0.1g.
To perhaps this section on 2.6 release notes:
http://docs.mongodb.org/manual/release-notes/2.6/#mongodb-enterprise-for-windows