[LON-CAPA-admin] Heartbleed?

Neubauer, Paul pneubauer at bsu.edu
Tue Apr 15 08:20:40 EDT 2014

Good! Thanks, H.K. and Gerd. I will update ASAP.

-----Original Message-----
From: lon-capa-admin-bounces at mail.lon-capa.org [mailto:lon-capa-admin-bounces at mail.lon-capa.org] On Behalf Of Gerd Kortemeyer
Sent: Tuesday, April 15, 2014 8:18 AM
To: list about administration and system updating
Subject: Re: [LON-CAPA-admin] Heartbleed?


On Apr 15, 2014, at 8:07 AM, H. K. Ng <hkng at fsu.edu> wrote:

> Hi,
> From what I understand, any update on RH (centos) of openssl does not change the version number. It applies a patch to fix the bug. To see if the patch has been applied do
> rpm -q --changelog openssl | less
> The list should show a patch dated April 7 2014. Here are some of the discussions on the topic.

That is correct. Updating openssl on my CentOS 6.5 happened during routine "yum update":

* Mon Apr 07 2014 Tomáš Mráz <tmraz at redhat.com> 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

- Gerd.
LON-CAPA-admin mailing list
LON-CAPA-admin at mail.lon-capa.org

More information about the LON-CAPA-admin mailing list