OpenSSL heartbleed

**clm** · 04-08-2014, 12:39 PM

I belive this is already fixed :

Code:

rpm -q --changelog openssl|head

* lun. avril 07 2014 TomÃ¡Å¡ MrÃ¡z  1.0.1e-16.7

- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension

* mar. janv. 07 2014 TomÃ¡Å¡ MrÃ¡z  1.0.1e-16.4

- fix CVE-2013-4353 - Invalid TLS handshake crash

* lun. janv. 06 2014 TomÃ¡Å¡ MrÃ¡z  1.0.1e-16.3

- fix CVE-2013-6450 - possible MiTM attack on DTLS1

* ven. dÃ©c. 20 2013 TomÃ¡Å¡ MrÃ¡z  1.0.1e-16.2

Thanks

**merlin** · 04-08-2014, 07:28 PM

I see the same if the changelog however the system is still showing as vulnerable

**merlin** · 04-08-2014, 07:37 PM

Every server we have thats using cloudlinux is displaying as vulnerable
all other servers are not

**paschalakis** · 04-08-2014, 09:06 PM

Any updates yet ?

**cloudlinux.com.forums** · 04-08-2014, 09:19 PM

After updating OpenSSL, you must either restart applicable services or reboot the server before the change will take effect.

OpenSSL heartbleed

OpenSSL heartbleed

Comment

Comment

Comment

Comment

Comment