As most of you know, a security flaw has been discovered in the popular OpenSSL cryptographic software library that is used by up to two thirds of the internet. There is no evidence that Serena or your data has been compromised in any way. More information is available on the OpenSSL website at https://www.openssl.org/, where you can read their security advisory.
Our engineering team has analyzed Serena Business Manager, Dimensions CM, Dimensions RM, PVCS Version Manager, ChangeMan DS and our Mainframe products and have determined they are not at risk.
In order to further protect our On-Demand customers, we re-applied all SSL certificates and updated all cores and data centers for our SaaS environment on Friday, April 11th. Out of an abundance of caution, we recommend On-Demand customers who are not using Single Sign-On (SSO) change their passwords and require users to create a new password at the next logon.
If you have any questions or concerns, please do not hesitate to contact one of my customer support professionals. Contact details are available at http://support.serena.com.
|Peter Sianchuk is Group Vice President, Customer Experience & IT at Serena Software. He leads the Customer Support organization, the Information Technology department, and the PMO.|