Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.security > #484

Re: heardbleed bug and openssl

Newsgroups comp.os.linux.security
Date 2014-04-14 08:48 -0700
References <003ee7a0-e43e-491c-935a-d8f67cbe8f15@googlegroups.com>
Message-ID <2bd15321-3344-4d97-ab58-784b410ea490@googlegroups.com> (permalink)
Subject Re: heardbleed bug and openssl
From Steve Wolf <stevwolf58@gmail.com>

Show all headers | View raw

Thanks for the answers,

According to the article that was pointed out by Keith K, Im NOT susceptible.
---------------------------------------------------------
What versions of the OpenSSL are affected?

 Status of different versions:

 OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
 OpenSSL 1.0.1g is NOT vulnerable
 OpenSSL 1.0.0 branch is NOT vulnerable
 OpenSSL 0.9.8 branch is NOT vulnerable
 Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.
----------------------------------------------------------------

If I read my version correctly I have 0.7
This is not 1.0.1 through 1.0.1f
Thus mine is not affected ?? Yet Jim says it is.

Am I reading something incorrectly. I dont know much about all this version info.
thanks.

Back to comp.os.linux.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 07:48 -0700
  Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 07:55 -0700
  Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-14 15:05 +0000
    Re: heardbleed bug and openssl Aragorn <thorongil@telenet.be.invalid> - 2014-04-14 17:58 +0200
  Re: heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 08:48 -0700
    Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 10:29 -0700
      Re: heardbleed bug and openssl colinmarr0@gmail.com - 2014-04-14 10:48 -0700
        Re: heardbleed bug and openssl "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2014-04-14 14:08 -0400
        Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:47 +0000
        Re: heardbleed bug and openssl Joe Beanfish <joebeanfish@nospam.duh> - 2014-04-15 13:36 +0000
      Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:46 +0000
        Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 12:28 -0700
          Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 21:18 +0000
            Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 14:48 -0700
    Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-15 01:44 +0000
  Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 17:10 +0000
  Re: heardbleed bug and openssl "Trevor Hemsley" <Trevor.Hemsley@mytrousers.ntlworld.com> - 2014-04-15 05:38 -0500

csiph-web