openssl bug patching
teddy
teddymills-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Apr 8 16:43:26 UTC 2014
* OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
*
* OpenSSL 1.0.1g is NOT vulnerable
* OpenSSL 1.0.0 branch is NOT vulnerable
* OpenSSL 0.9.8 branch is NOT vulnerable
On 4/8/2014 12:33 PM, teddy wrote:
>
> System admins worldwide are busy today.
> Every Linux server should be checked against the openSSL bug.
>
> http://techcrunch.com/2014/04/07/massive-security-bug-in-openssl-could-effect-a-huge-chunk-of-the-internet/
>
>
> Ubuntu 10+11 dont seem to be vulnerable.
> Ubuntu 12+13 seem to be vulnerable.
> I have not confirmed this yet.
>
> I run other Linux distros of course and those must be checked as well.
>
> Apparently from online sources, you do not need 1.01g to be secure.
> That statement seems to be correct.
> If you have an older openssl that is not vulnerable.
> I have a numbner of Ubuntu 10+11 servers that do not have the bug.
> I would prefer to check against the verified list of openssl versions
> that do have the bug.
>
> Teddy
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/legacy/attachments/20140408/f9b308a0/attachment.html>
More information about the Legacy
mailing list