[LON-CAPA-admin] Heartbleed?

H. K. Ng hkng at fsu.edu
Tue Apr 15 08:07:21 EDT 2014


Hi,

>From what I understand, any update on RH (centos) of openssl does not
change the version number. It applies a patch to fix the bug. To see if the
patch has been applied do

rpm -q --changelog openssl | less

The list should show a patch dated April 7 2014. Here are some of the
discussions on the topic.

http://stackoverflow.com/questions/22952287/how-to-upgrade-openssl-in-centos-6-5-linux-unix-from-source

http://www.howtoforge.com/find_out_if_server_is_affected_from_openssl_heartbleed_vulnerability_cve-2014-0160_and_how_to_fix

-hk




On Tue, Apr 15, 2014 at 7:39 AM, Neubauer, Paul <pneubauer at bsu.edu> wrote:

> Hello all,
>
> I see that the latest list of "RPMs to update" only includes
> openssl.x86_64                             1.0.1e-16.el6_5.7
> updates
>
> According to the openssl.org website, the Heartbleed bug affects versions
> through 1.0.1f and the fixed version is 1.0.1g.
>
> Is there any plan to add 1.0.1g to the repository any time soon?
> Alternatively, does anyone have a suggestion for a repository with 1.0.1g?
>
> Thanks,
> Paul
>
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.lon-capa.org/pipermail/lon-capa-admin/attachments/20140415/4c2b0502/attachment.html>


More information about the LON-CAPA-admin mailing list