The NetMan knowledge base
Tags NetMan5.NDM NetMan5.Enterprise NetMan5 NetMan.Education Module NetMan.Desktop Manager NetMan HAN.V5
H+H products not affected by OpenSSL security vulnerability
All current versions of H+H software products are not affected by the critical vulnerability in OpenSSL.
The two critical vulnerabilities in the OpenSLL libraries, described in CVE-2022-3602, CVE-2022-3786, do not affect the current versions of our software products.
According to OpenSSL's announcement, the vulnerability only affects the modules in version 3.0.0 - 3.0.6.
In HAN, the current version 5.2.2 uses Apache 2.4.51 together with the OpenSSL library 1.1.1.12 (1.1.1l).
In NetMan for Schools, Apache version 2.4.51 with the OpenSSL library 1.1.1.12 (1.1.1l) has also been used since December 2021 (from version 5.8.0.448).
Customers with an older NetMan for Schools version should contact nmsupport@hh-software.com . In this case, an update to the latest version of NetMan for Schools should be installed.
Customers using NetMan Enterprise or NetMan Desktop Manager are also not affected. The version of the OpenSSL library used here is not affected by the current security vulnerability. We have taken the current situation as an opportunity to also integrate the latest version of OpenSSL into NetMan Enterprise and NetMan Desktop Manager and thus further increase the security of your systems. For an update to these current versions, please also contact nmsupport@hh-software.com .