Re: Serious OpenSSL vulnerability
eoconnor25@gmail.com
eoconnor25 at gmail.com
Wed Apr 9 22:30:08 UTC 2014
I gotta say....I'm so impressed with the way this issue has been handled by the developers here @ Fedora....I've updated all three of my Fedora boxes....and will sleep soundly knowing the vulnerability has been addressed by the best and brightest! So a heart felt "Thank You" to the Guys and Gals who have dedicated their time to creating the BEST operating system to ever grace my Dell computers!!!
----- Reply message -----
From: "Dan Thurman" <dant at cdkkt.com>
To: "Community support for Fedora users" <users at lists.fedoraproject.org>
Subject: Serious OpenSSL vulnerability
Date: Wed, Apr 9, 2014 2:52 pm
On 04/08/2014 02:55 AM, Patrick O'Callaghan wrote:
> https://www.openssl.org/news/secadv_20140407.txt
>
> See also http://heartbleed.com/ and
> http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/
>
> This is potentially very serious and can cause leakage of private keys
> and other information.
>
> The current version of OpenSSL on Fedora (standard repos and Koji) is
> 1.0.1e, which has this vulnerability. An upgrade to 1.0.1g should be
> provided urgently.
>
> poc
>
I know that F18 is EOL & vulnerable, so
can I backport OpenSSL with a fix? I am'
not ready to upgrade at this time...
Dan
--
users mailing list
users at lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20140409/e82ff4de/attachment-0001.html>
More information about the users
mailing list