On 04/08/2014 01:04 PM, Peter Peterse wrote:
Finn Buhelt schreef op 8-4-2014 21:53:
Hi list

Will this affects QMT ? ( latest release uses openssl-1.01 which is hit)

"New security holes are always showing up. The latest one, the
so-called <http://heartbleed.com/>Heartbleed Bug <http://heartbleed.com/>
 in the OpenSSL <https://www.openssl.org/> cryptographic library, is
an especially bad one"  - taken from zdnet.com


Hi Finn,

I've read CentOS 6 is affected and CentOS 5 not.

CentOS 5.10 contains OpenSSL 0.9.8e


RHEL/CentOS has fixed this in openssl-1.0.1e-16.el6_5.7
The fixed package was in all of the mirrors I happened to catch.

To check if your package has the fix applied, you can:
$ rpm -q openssl --changelog | grep CVE-2014-0160
If you get nothing back (and you're on COS6) you should (yum) update your openssl package.

-Eric 'shubes'

To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to