Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.security > #497

Re: heardbleed bug and openssl

From Joe Beanfish <joebeanfish@nospam.duh>
Newsgroups comp.os.linux.security
Subject Re: heardbleed bug and openssl
Date 2014-04-15 13:36 +0000
Organization A noiseless patient Spider
Message-ID <lijcki$p2u$1@dont-email.me> (permalink)
References <003ee7a0-e43e-491c-935a-d8f67cbe8f15@googlegroups.com> <2bd15321-3344-4d97-ab58-784b410ea490@googlegroups.com> <dhit1bxfn.ln2@goaway.wombat.san-francisco.ca.us> <fb0f7494-d5fb-45ea-9c2b-17723aa82dd7@googlegroups.com>

Show all headers | View raw

On Mon, 14 Apr 2014 10:48:31 -0700, colinmarr0 wrote:
>> Can anyone tell me if the following is suceptable to the heart bleed 
>> bug.
>> 
>> openssl-0.9.7a-43.18.el4
>>
> Thanks.
> It looks like Im safe from that.
> Its a funny thing isnt it,  If you have the old version it's safe if you
> have the new version its not safe.
> 
> I will take a look at the link you have provided,
> Thanks.

You're not susceptible to heartbleed, but you're most likely susceptible
to a plethora of other bugs fixed between 0.9.7a and 1.0.1. Some fixes
have been backported to redhat's flavor of 0.9.7 but not all.

Back to comp.os.linux.security | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 07:48 -0700
  Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 07:55 -0700
  Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-14 15:05 +0000
    Re: heardbleed bug and openssl Aragorn <thorongil@telenet.be.invalid> - 2014-04-14 17:58 +0200
  Re: heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 08:48 -0700
    Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 10:29 -0700
      Re: heardbleed bug and openssl colinmarr0@gmail.com - 2014-04-14 10:48 -0700
        Re: heardbleed bug and openssl "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2014-04-14 14:08 -0400
        Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:47 +0000
        Re: heardbleed bug and openssl Joe Beanfish <joebeanfish@nospam.duh> - 2014-04-15 13:36 +0000
      Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:46 +0000
        Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 12:28 -0700
          Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 21:18 +0000
            Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 14:48 -0700
    Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-15 01:44 +0000
  Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 17:10 +0000
  Re: heardbleed bug and openssl "Trevor Hemsley" <Trevor.Hemsley@mytrousers.ntlworld.com> - 2014-04-15 05:38 -0500

csiph-web