Which program do I upgrade to fix Heartbleed bug?
http://safeweb.norton.com/heartbleed/
is showing me my server is vulnerable.
I'm using dev-libs/openssl-0.9.8y
Why safeweb.norton is triggering my server vulnerable?
--
Joseph
On 04/28/14 09:17, Joseph wrote:
Which program do I upgrade to fix Heartbleed bug?
http://safeweb.norton.com/heartbleed/
is showing me my server is vulnerable.
I'm using dev-libs/openssl-0.9.8y
Why safeweb.norton is triggering my server vulnerable?
I'm using apache-2.2.25
Which file contain
On Mon, 28 Apr 2014 10:02:52 -0600
Joseph syscon...@gmail.com wrote:
On 04/28/14 09:17, Joseph wrote:
Which program do I upgrade to fix Heartbleed bug?
http://safeweb.norton.com/heartbleed/
is showing me my server is vulnerable.
I'm using dev-libs/openssl-0.9.8y
Why safeweb.norton is
On 04/28/14 20:13, Tom Wijsman wrote:
On Mon, 28 Apr 2014 10:02:52 -0600
Joseph syscon...@gmail.com wrote:
On 04/28/14 09:17, Joseph wrote:
Which program do I upgrade to fix Heartbleed bug?
http://safeweb.norton.com/heartbleed/
is showing me my server is vulnerable.
I'm using
On Mon, Apr 28, 2014 at 2:34 PM, Joseph syscon...@gmail.com wrote:
But what puzzle me is when I downgraded it to 1.0.0j (uneffected version) I
could not restart apache. I was getting an error:
/etc/init.d/apache2 restart
* apache2 has detected an error in your setup:
apache2: Syntax error
On Mon, Apr 28, 2014 at 2:34 PM, Joseph syscon...@gmail.com wrote:
No, I was wrong. I had both version istalled: 0.9.8y and 1.0.1f
and the one that was in use was buggy one: 1.0.1f
I recompile 1.0.1f without tls-heartbeat and the problem is solved.
Why not run emerge --sync and upgrade to
On 04/28/14 14:54, Mike Gilbert wrote:
On Mon, Apr 28, 2014 at 2:34 PM, Joseph syscon...@gmail.com wrote:
No, I was wrong. I had both version istalled: 0.9.8y and 1.0.1f
and the one that was in use was buggy one: 1.0.1f
I recompile 1.0.1f without tls-heartbeat and the problem is solved.
Why
On Mon, 28 April 2014, at 8:09 pm, Joseph syscon...@gmail.com wrote:
On 04/28/14 14:54, Mike Gilbert wrote:
On Mon, Apr 28, 2014 at 2:34 PM, Joseph syscon...@gmail.com wrote:
No, I was wrong. I had both version istalled: 0.9.8y and 1.0.1f
and the one that was in use was buggy one: 1.0.1f
I
On 04/28/2014 12:02 PM, Joseph wrote:
I'm using apache-2.2.25
Which file contain setting for: SSLCompression
I'm trying to turn it off.
It's on by default in apache-2.2. Place the following somewhere in
40_mod_ssl.conf, between IfModule ssl_module and /IfModule:
# Disable CRIME attack
9 matches
Mail list logo