This is bs.
https://news.ycombinator.com/item?id=7701208
On Tue, 6 May 2014, Odinn Cyberguerrilla wrote:
Date: Tue, 6 May 2014 09:41:57 -0700
From: Odinn Cyberguerrilla <[email protected]>
To: Matej Kovacic <[email protected]>
Cc: [email protected]
Subject: Re: OpenSSH memory leak
Hi,
(NOT OpenSSL!)
in case you didn't came aroud this:
http://pastebin.com/gjkivAf3
Unfortunately, there is no patch yet...
Regards,
M.
Possibly related is this:
Let's say you are in some garden variety Ubuntu and as of May 5 or
thereabouts, you were happily sitting on the best version available of
OpenSSL which would be (as of April 2014): OpenSSL1.0.1g 7 Apr 2014
And then sometime late on May 5, 2014 you decided to do this in your
terminal...
sudo apt-get update && sudo apt-get upgrade
Oh, well that was interesting
Now go back in and do this
openssl version -a
Wait a minute...
yes, most people are going to have to go back in and
curl https://www.openssl.org/source/openssl-1.0.1g.tar.gz | tar xz && cd
openssl-1.0.1g && sudo ./config && sudo make && sudo make install
History repeats itself
[email protected]
SDF Public Access UNIX System - http://sdf.lonestar.org
