H+H Software GmbH

The HAN knowledge base

The HAN knowledge base helps you with smaller problems.

NetMan5.NDM NetMan5.Enterprise NetMan5 NetMan.Education Module NetMan.Desktop Manager NetMan HAN.V5

H+H products not affected by OpenSSL security vulnerability

All current versions of H+H software products are not affected by the critical vulnerability in OpenSSL.

The two critical vulnerabilities in the OpenSLL libraries, described in CVE-2022-3602, CVE-2022-3786, do not affect the current versions of our software products.
According to OpenSSL's announcement, the vulnerability only affects the modules in version 3.0.0 - 3.0.6.

In HAN, the current version 5.2.2 uses Apache 2.4.51 together with the OpenSSL library (1.1.1l).
In NetMan for Schools, Apache version 2.4.51 with the OpenSSL library (1.1.1l) has also been used since December 2021 (from version

Customers with an older NetMan for Schools version should contact nmsupport@hh-software.com . In this case, an update to the latest version of NetMan for Schools should be installed.

Customers using NetMan Enterprise or NetMan Desktop Manager are also not affected. The version of the OpenSSL library used here is not affected by the current security vulnerability. We have taken the current situation as an opportunity to also integrate the latest version of OpenSSL into NetMan Enterprise and NetMan Desktop Manager and thus further increase the security of your systems. For an update to these current versions, please also contact nmsupport@hh-software.com .