[LON-CAPA-admin] Heartbleed?
Gerd Kortemeyer
korte at lite.msu.edu
Tue Apr 15 08:17:42 EDT 2014
Hi,
On Apr 15, 2014, at 8:07 AM, H. K. Ng <hkng at fsu.edu> wrote:
> Hi,
>
> From what I understand, any update on RH (centos) of openssl does not change the version number. It applies a patch to fix the bug. To see if the patch has been applied do
>
> rpm -q --changelog openssl | less
>
> The list should show a patch dated April 7 2014. Here are some of the discussions on the topic.
That is correct. Updating openssl on my CentOS 6.5 happened during routine “yum update”:
* Mon Apr 07 2014 Tomáš Mráz <tmraz at redhat.com> 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension
- Gerd.
More information about the LON-CAPA-admin
mailing list