[afnog] Time to update openssl
MANGA Willy Ted
mangawilly at gmail.com
Tue Apr 8 07:35:15 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
Le 08/04/2014 05:49, Seun Ojedeji a écrit :
> Status of different versions:
>
> OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable OpenSSL
> 1.0.1g is NOT vulnerable OpenSSL 1.0.0 branch is NOT vulnerable
> OpenSSL 0.9.8 branch is NOT vulnerable
>
> What I find interesting is that older versions are safe, perhaps a
> disadvantage for doing updates ;) but again one may argue that the
> older version are not necessarily free of other known bugs.
Hearbeat extension was introduced on recent versions of Openssl .
That's why older versions are not «affected» ;)
[..]
- --
Willy Manga
freenode: ongolaBoy
Ubuntu Cameroonian Loco Team
https://launchpad.net/~manga-willy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJTQ6ayAAoJELJWcwZanTJqZtMP/AhIIkweCLx3ZhGXhPoYDLIU
JMYwr1jVq3fWtU1HoFWcfpXVsup01hg9RN89Z+DmFFZANbCmPgQcC6AX3pfSMqsi
5DtA2elmLnz+Hze1iXbkVajdYbT0yViwAWrYLIORwj5rYN1stvGshYXd5XLwJ/oE
HupStDK9AmjK7lJKUtjjgLMKDptU3dlGvdM2L3aWdG7uzyddqqk5/02hoawZ/1Kc
k2gFR/mVEQA7K+C2GsGgmdKM+JBKF8N9Ts+xtA37b9VLp0nlSr3aH9BPma9PRXSx
k7nd5YCwk6WIKTPgclbzWX48OqGBQ4f1O1H6KEwr/GlLXr/u3JiESJaWXPSfr4uF
3mCc5PqtT4OAwSOHOlKaO4fCEiQE8OzNYoTFNqEsc3o5vmJu/tNRuBu+7PJMbxGq
4tt1Tx8BNvTdRRkgLcGOm9GnIGLxCqmgfDOkJo50N+VigviWs0vmK6kCJzKe0JuG
u3Zm8dj0XanI8LfafnhJJMUl3iUa9v0lEYW5Mp+wn0DiwEPFdP5N+O0l9gVtYw3w
YLWb81t9mcI2N+28C3HuC+HTbA46UcY7VnmgHctMvgUiMCcGFZ+rcgyahAWx/wch
swCz34jQkKnDRLx84I42GpXFq8G9ilu8RPdoI1KLkZ6+/PxGWOTd2rEpNU00yDBO
FmBpatyukepxjPjo84QU
=a9lf
-----END PGP SIGNATURE-----
More information about the afnog
mailing list