• Security Issue: Outside In Viewer Technology

    Recently, Novell was alerted to a security vulnerability in one of the components that is embedded with the GroupWise product. The Outside In viewer technology, provided by our partner Oracle, needs to be patched.

    We issued the following TID today: http://www.novell.com/support/kb/doc.php?id=7010569

    We have also notified US CERT, the organization who issued the advisory.

    The text of the TID is this:

    US-CERT recently disclosed a security vulnerability in the Oracle "Outside In" viewer technology (see http://www.kb.cert.org/vuls/id/118913) that is licensed by Novell for use in GroupWise.

    Novell has received updated software from Oracle to address these security issues on the Windows and Linux platforms. These fixes will be included in the updated viewers in our upcoming releases for GroupWise 8 and GroupWise 2012. Novell is working with Oracle to address this same vulnerability on the NetWare platform.

    As stated previously:

    "Novell and GroupWise take every security report very seriously. Novell expects our community to be well informed and well protected. GroupWise is very reliable and customers expect it to be the very best.
    Policy states: - All security issues should be taken seriously and patches applied.
    Please follow Best Practices guidelines for updating your system when applying this patch."