[ale] OpenSSL Broken, Upgrade Now

Lightner, Jeff JLightner at dsservices.com
Wed Apr 16 12:38:52 EDT 2014


By the way so it doesn’t get lost in the thread:

Applying the update is only the FIRST step.

It is also necessary to stop/start any currently running apps using openssl for the update to take effect for them.  (e.g. for RHEL/Fedora you might need to run “service httpd restart”)   The easiest way to insure everything is OK is to reboot after the update because that will stop/start everything.

From: Lightner, Jeff
Sent: Wednesday, April 16, 2014 12:36 PM
To: 'pbcartwright at gmail.com'; Atlanta Linux Enthusiasts
Subject: RE: [ale] OpenSSL Broken, Upgrade Now

According to the link below 20’s update is available and it is done similar to 19:
https://lists.fedoraproject.org/pipermail/announce/2014-April/003205.html

Jeffrey C. Lightner
Sr. UNIX Administrator

DS Services of America, Inc.
5660 New Northside Drive NW
Suite 250
Atlanta, GA  30328

P: 678-486-3516
C: 678-772-0018
F: 678-460-3603
E: jlightner at dsservices.com<mailto:jlightner at dsservices.com>

From: Paul Cartwright [mailto:pbcartwright at gmail.com]
Sent: Wednesday, April 16, 2014 10:49 AM
To: Lightner, Jeff; Atlanta Linux Enthusiasts
Subject: Re: [ale] OpenSSL Broken, Upgrade Now

and I am running Fedora 20... it didn't mention how to fix 20..
That is for Fedora 19.   It also says Fedora 17 is unaffected.

RHEL5 was also unaffected.

That’s a nice link:  It talks about multiple distros and what you need for each.






From: ale-bounces at ale.org<mailto:ale-bounces at ale.org> [mailto:ale-bounces at ale.org] On Behalf Of Paul Cartwright
Sent: Wednesday, April 16, 2014 10:43 AM
To: ale at ale.org<mailto:ale at ale.org>
Subject: Re: [ale] OpenSSL Broken, Upgrade Now

according to a web site, the patched version is still 1.0.1e-37:

https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability



For a 64 bit system:

yum -y install koji

koji download-build --arch=x86_64 openssl-1.0.1e-37.fc19.1

yum localinstall openssl-1.0.1e-37.fc19.1.x86_64.rpm
yum localinstall openssl-1.0.1e-37.fc19.1.x86_64.rpm
Loaded plugins: langpacks
Examining openssl-1.0.1e-37.fc19.1.x86_64.rpm: 1:openssl-1.0.1e-37.fc19.1.x86_64
openssl-1.0.1e-37.fc19.1.x86_64.rpm: does not update installed package.
Nothing to do



Hi

I believe the patched version is OpenSSL 1.0.1g 7 Apr 2014

Jay
On 04/16/2014 10:24 AM, Paul Cartwright wrote:

I ran that and also got the same:
openssl
OpenSSL> version
OpenSSL 1.0.1e-fips 11 Feb 2013

openssl.x86_64 1:1.0.1e-37.fc20.1 @updates
openssl-libs.i686 1:1.0.1e-37.fc20.1 @updates
openssl-libs.x86_64 1:1.0.1e-37.fc20.1 @update


but I just got an updated openssl recently..




--

Paul Cartwright

Registered Linux User #367800 and new counter #561587





Athena®, Created for the Cause™

Making a Difference in the Fight Against Breast Cancer





---------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------





--

Paul Cartwright

Registered Linux User #367800 and new counter #561587
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20140416/21ea4f0e/attachment-0001.html>


More information about the Ale mailing list