Apigee Release Schedule

Apigee Edge: Tue-Thu 12am to 4am in Singapore, Central European, and US Eastern time zones (learn more)

Read the release notes to learn what is new.

Apigee OpenSSL Update
Scheduled Maintenance Report for Apigee
In progress
Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Nov 02, 2022 - 16:45 PDT
On this page, we provide the latest update of the potential impact of the recently announced OpenSSL vulnerabilities(https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/) on Apigee products and services. Investigations are ongoing as this is a developing event. We will continue to assess potential impact as we learn more, and we will update this post with details on any impacted Apigee products and services.

As Apigee components do not explicitly install the OpenSSL package in the base images, Apigee products are not found to be impacted with the OpenSSL vulnerability reported on OpenSSL 3.x.

As of this publication, we have found no evidence of any exploitation activities.

On November 1, the OpenSSL project team released (https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/) OpenSSL version 3.0.7 to fix two vulnerabilities in OpenSSL 3.0.x. OpenSSL initially suggested (https://mta.openssl.org/pipermail/openssl-announce/2022-October/000238.html) that the pending release would resolve a critical vulnerability. The version 3.0.7 release, however, assigned a high severity to both vulnerabilities. This assessment was based on further technical review and alignment with OpenSSL’s security policies (https://www.openssl.org/policies/general/security-policy.html).

We’ll share more information with customers as it becomes available and update this page with the results of our investigation and any guidance if appropriate.

Please also refer to Google Cloud Security Advisory at https://cloud.google.com/openssl-security-advisory
Posted Nov 02, 2022 - 16:41 PDT