[Ach] OpenSSL 'heartbleed' bug

Axel Hübl axel.huebl at web.de
Tue Apr 8 16:11:06 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I can confirm that (apache2 & sshd "wheezy" installs).

also:
  "ssh -V" seems a bit outdated on them.
check with "dpkg -l | grep openssl" for the "1.0.1e-2+deb7u5" update
on wheezy.

Axel
On 08.04.2014 13:19, Ralf Schlatterbeck wrote:
> If you're upgrading debian-based servers (ubuntu too) be sure to
> restart all the services. This is currently *not* done by the
> installer and you stay vulnerable (!)
> 
> Just tested one of my servers with the script on github mentioned
> in the OpenVPN thread.
> 
> Ralf
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJTRAN6XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRDMjAzN0EzNzlGM0JGMzFGQ0VFOTJDNENE
RDNGNjFFNUYxMTMyRjY1AAoJEN0/YeXxEy9lLysP/2xXeRT37UIp8DZz7DkDcl1M
9U4NhlXvW5bEdPfYuA5sjCsYrxsZHHpieizvtOUDP6pPWUurOR2a2/oGEVbFSRXg
D6ihf0PtTg19OWNvZ62Q/zd0IXPfQoDUtAhtOIWZZFAzwswQBuAKeiLm1UmMV84O
78fBna5IvKOq5WCN6rARHd6zD2iZMnC85HYZsWfqSOl1waJiKM5LW16fQWIjZC6F
azKKfq+h4wpKsxw28px+WVhZJM5pcB7jbXAIJGZI++yvSj9xjBK+TynooYciWI8y
nFZ+igLS2PxQh3AI/OijduofnF+vlEpIYuNdKI+q34wM/8NIZhmJo7OcwFSjMgAT
9NHCprk7MrspD49oTdCJPqsgtXbAHP0WRsDtUXP83baPcebnDEuBrQPby3buyDz8
RLJffMWdqAfEYLdQ1SrLRL6ddEjjAN3wp6ZTv6CMzf4lk5/riD9W5P3lPXYBuW+s
q3JmEIeHcjTF7Sow0cojZtqlit6ltSToLuyN5rt+xkKUDuq61HVBFEXKNm+fD1fY
3RfUxH1TYdpuXbAglrzePUv3nFNtIwNEdIz7iG8YvNSVOl7AMpQmKnAMhiVWufzH
JDGOr/H6UWWFspTzkKat0mOajTm67Z9iMXkx6qo/ekGiKB/wEsW8g2iZ+ir3zSGz
5M5MeVb7IyAnHcZPnm5U
=SCbz
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3740 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140408/5dba6329/attachment.bin>


More information about the Ach mailing list