Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #485
| From | Aragorn <thorongil@telenet.be.invalid> |
|---|---|
| Newsgroups | comp.os.linux.security |
| Subject | Re: heardbleed bug and openssl |
| Followup-To | comp.os.linux.security |
| Date | 2014-04-14 17:58 +0200 |
| Organization | A noiseless patient Strider |
| Message-ID | <lih0j0$76v$1@dont-email.me> (permalink) |
| References | <003ee7a0-e43e-491c-935a-d8f67cbe8f15@googlegroups.com> <ligtg3$ca8$1@dont-email.me> |
Followups directed to: comp.os.linux.security
On Monday 14 April 2014 17:05, Jim Beard conveyed the following to
comp.os.linux.security...
> On Mon, 14 Apr 2014 07:48:01 -0700, Steve Wolf wrote:
>
>> Can anyone tell me if the following is suceptable to the heart bleed
>> bug.
>>
>> openssl-0.9.7a-43.18.el4
>>
>> I dont know much about these things but they say its with version
>> OpenSSL version 1.0.1.
>>
>> Can anyone tell me if this version of software is succepable to it.
>
> IIRC, the g version is not susceptible (and versions before
> introduction of the vulnerability likewse), but the above is the e
> version and vulnerable.
Not quite. Look at the version number, Jim.
He's got 0.9.7. The vulnerability was only introduced in 1.0.1. 1.0.0
and 0.x.x versions are unaffected.
--
= Aragorn =
http://www.linuxcounter.net - registrant #223157
Back to comp.os.linux.security | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 07:48 -0700
Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 07:55 -0700
Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-14 15:05 +0000
Re: heardbleed bug and openssl Aragorn <thorongil@telenet.be.invalid> - 2014-04-14 17:58 +0200
Re: heardbleed bug and openssl Steve Wolf <stevwolf58@gmail.com> - 2014-04-14 08:48 -0700
Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 10:29 -0700
Re: heardbleed bug and openssl colinmarr0@gmail.com - 2014-04-14 10:48 -0700
Re: heardbleed bug and openssl "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2014-04-14 14:08 -0400
Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:47 +0000
Re: heardbleed bug and openssl Joe Beanfish <joebeanfish@nospam.duh> - 2014-04-15 13:36 +0000
Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 18:46 +0000
Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 12:28 -0700
Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 21:18 +0000
Re: heardbleed bug and openssl Keith Keller <kkeller-usenet@wombat.san-francisco.ca.us> - 2014-04-14 14:48 -0700
Re: heardbleed bug and openssl Jim Beard <jdbeard@patriot.net> - 2014-04-15 01:44 +0000
Re: heardbleed bug and openssl William Unruh <unruh@invalid.ca> - 2014-04-14 17:10 +0000
Re: heardbleed bug and openssl "Trevor Hemsley" <Trevor.Hemsley@mytrousers.ntlworld.com> - 2014-04-15 05:38 -0500
csiph-web