Am 12.04.2014 20:21, schrieb mi2 co2: > Hi - I have a question regarding heartbleed and httpd configuration data > leakage. It was suggested that I ask this > on the dev list as well. > > Should someone have been exploiting this bug, would it be possible that httpd > configuration data, derived via httpd > confg files and in apache's memory, could have been leaked out through these > openssl malloc calls? Or is the memory > space those malloc calls for the openssl encryption/decryption layer isolated > from the memory where httpd > configuration is stored?
http://xkcd.com/1354/ it affects the memory of httpd, in doubt any random memory of httpd whatever critical / sensible data may accessed by httpd have to be considered no longer to be private anything else is talking about how likely possible somethings is there is no proof possible - negative or positive
signature.asc
Description: OpenPGP digital signature
