Monsta_AU
...can I interest you in some vintage blades?
Staff member
Forum Administrator
Grand Society
- Joined
- Feb 2, 2011
- Location
- Guildford.nsw.au
Not sure if you have heard, but there is a current vulnerability with OpenSSL that allows an attacker to gain the private keys of a server. That's a VeryBadThing®
There is a tester at http://filippo.io/Heartbleed/
I have now patched all servers in my control, and we are running the correct version of OpenSSL with the backported patch in place -
I believe being open about the environment this site runs on is important to the trust that users have. This announcement is made in that spirit.
There is a tester at http://filippo.io/Heartbleed/
I have now patched all servers in my control, and we are running the correct version of OpenSSL with the backported patch in place -
Code:
# rpm -q --changelog openssl | grep -B 1 CVE-2014-0160
* Mon Apr 07 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extensionI believe being open about the environment this site runs on is important to the trust that users have. This announcement is made in that spirit.