Splunk 4.1.6, which was released on November 29th, 2010, updates OpenSSL to version 0.9.8p in order to address the race condition vulnerabilities described in CVE-2010-3864 (cve.mitre.org) (openssl.org).
Splunk recommends that customers implement as many aspects of the Splunk Hardening Standards as possible to reduce risk.
|
Splunk 4.1.6 includes OpenSSL 0.9.8p because all versions of Splunk prior to 4.1.6: