[ale] OpenSSL Broken, Upgrade Now

Lightner, Jeff JLightner at dsservices.com
Wed Apr 16 10:46:34 EDT 2014 

That is for Fedora 19.   It also says Fedora 17 is unaffected.

RHEL5 was also unaffected.

That’s a nice link:  It talks about multiple distros and what you need for each.






From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Paul Cartwright
Sent: Wednesday, April 16, 2014 10:43 AM
To: ale at ale.org
Subject: Re: [ale] OpenSSL Broken, Upgrade Now

according to a web site, the patched version is still 1.0.1e-37:

https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability



For a 64 bit system:

yum -y install koji

koji download-build --arch=x86_64 openssl-1.0.1e-37.fc19.1

yum localinstall openssl-1.0.1e-37.fc19.1.x86_64.rpm
yum localinstall openssl-1.0.1e-37.fc19.1.x86_64.rpm
Loaded plugins: langpacks
Examining openssl-1.0.1e-37.fc19.1.x86_64.rpm: 1:openssl-1.0.1e-37.fc19.1.x86_64
openssl-1.0.1e-37.fc19.1.x86_64.rpm: does not update installed package.
Nothing to do



Hi

I believe the patched version is OpenSSL 1.0.1g 7 Apr 2014

Jay
On 04/16/2014 10:24 AM, Paul Cartwright wrote:

I ran that and also got the same:
openssl
OpenSSL> version
OpenSSL 1.0.1e-fips 11 Feb 2013

openssl.x86_64 1:1.0.1e-37.fc20.1 @updates
openssl-libs.i686 1:1.0.1e-37.fc20.1 @updates
openssl-libs.x86_64 1:1.0.1e-37.fc20.1 @update


but I just got an updated openssl recently..




--

Paul Cartwright

Registered Linux User #367800 and new counter #561587





Athena®, Created for the Cause™

Making a Difference in the Fight Against Breast Cancer





---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140416/b48159c3/attachment.html>

More information about the Ale mailing list