Announcement

Collapse
No announcement yet.

OpenSSL heartbleed

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • OpenSSL heartbleed

    Hello,

    Any chance of releasing quickly the latest openssl redhat has published ?



    Thanks !

  • #2
    I belive this is already fixed :

    Code:
    rpm -q --changelog openssl|head
    
    * lun. avril 07 2014 Tomáš Mráz  1.0.1e-16.7
    
    - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension
    
    * mar. janv. 07 2014 Tomáš Mráz  1.0.1e-16.4
    
    - fix CVE-2013-4353 - Invalid TLS handshake crash
    
    * lun. janv. 06 2014 Tomáš Mráz  1.0.1e-16.3
    
    - fix CVE-2013-6450 - possible MiTM attack on DTLS1
    
    * ven. déc. 20 2013 Tomáš Mráz  1.0.1e-16.2
    Thanks

    Comment


    • #3
      I see the same if the changelog however the system is still showing as vulnerable

      Comment


      • #4
        Every server we have thats using cloudlinux is displaying as vulnerable
        all other servers are not

        Comment


        • #5
          Any updates yet ?

          Comment


          • #6
            After updating OpenSSL, you must either restart applicable services or reboot the server before the change will take effect.

            Comment

            Working...
            X