camel-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard Kettelerij <>
Subject Re: Is Camel affected by the OpenSSL heart bleed bug?
Date Wed, 09 Apr 2014 19:04:11 GMT
Camel, CXF, Karaf are all written in Java and Java has its own crypto/SSL
implementation. There's no dependency on OpenSSL in any of those

Of course if you're running Camel/CXF/Karaf on a server that does use
OpenSSL for something else (let's say you're running Camel or CXF behind
Apache HTTPd with mod_ssl) then you may be affected by this vulnerability
since mod_ssl does use OpenSSL. But Camel, CXF, Karaf and ActiveMQ itself
don't use OpenSSL.

Kind regards,
Richard Kettelerij

On Wed, Apr 9, 2014 at 7:53 PM, bocamel <> wrote:

> We are using Camel (with CXF and Karaf).  Does anyone know if we should be
> concerned with this new OpenSSL security bug?
> Thanks!
> --
> View this message in context:
> Sent from the Camel - Users mailing list archive at

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message