Is there a fix available for OpenSSL vulnerability CVE-2016-2107?
OpenSSL vulnerability CVE-2016-2107 is fixed in Openssl 1.0.1t version which comes with Apache 2.4.20. The solution is to upgrade to latest version of Apache and here are the Windows steps for this:
Please ensure that you have installed the Visual C++ 2010 SP1 Redistributable Package x64 : VC10 SP1 vcredist_x64.exe
Step 1) Download the latest version of Apache from https://www.apachelounge.com/download/ and unzip the file to a known location.
Step 2) Stop the BPPM/TSIM application
Step 3) Make a backup of the pw\Apache directory or you can make a backup of the \ProactiveNet and sub-directories
Step 4) Replace the Apache folder from Step 1 with the \pw\Apache directory
Step 5) Copy the following files from Apache backup from Step 3 and paste them at the respective location below:
Step 6) Restart the BPPM/Truesight application