Hi Stefan, Wahnsinn. Und du jonglierst mit 8 Rechnern gleichzeitig. Das nenne ich echt eine Leistung! Dem Oswald hat der Screenshot auch gut gefallen.
Frag mal nach, ob du so viele VMs gleichzeitig in der vCloud benutzen darfst. "aber wenn das jeder macht, bricht der neue Server zusammen.." höre ich die Admins schon sagen. Gruss, Dieter On Apr 8, 2014, at 6:31 PM, Keith Wesolowski <[email protected]> wrote: > On Tue, Apr 08, 2014 at 10:34:15AM -0500, Jason Lawrence wrote: > >> I checked this morning and the OpenSSL available via pkgin (2013Q3 on my >> hosts) is one of the affected versions. What is the proper way to mitigate >> this on SmartOS machines using pkgin? > > There are several cases here; please read carefully. These instructions > apply to SmartOS. Stay tuned for more formal communication from Joyent > regarding the Joyent Public Cloud, node.js, and other services. This > notice is provided for informational purposes only as a service to the > SmartOS community and does not replace formal notices issued to Joyent > customers. > > 1. If you use the images with their original pkgsrc repositories as > intended, check which package repository your image uses by looking at > /opt/local/etc/pkgin/repositories.conf. If your repository is any of > the following, and you have installed the openssl package using pkgin, > you are vulnerable: > > 2012Q4 > 2013Q1 > 2013Q2 > 2013Q3 > 2013Q4 > 2014Q1/master/wip > > A patch[0] has been prepared and updated packages are being built in the > affected repositories. These builds will take a few hours and when they > complete, updated packages will be available via pkgin. > > 2. If you are provisioning new instances, be aware that those instances > which have the openssl package installed by default will be vulnerable > until new images are spun. Accordingly, until imgadm indicates that > newer images are available, you will need to upgrade (or remove) the > openssl package via pkgin after provisioning. To do this, utter: > > pkgin update > pkgin install openssl > > Alternately, you may utter: > > pkgin full-upgrade > > 3. If you are using an OpenSSL that was not installed via pkgin, you > will need to either obtain a patch and rebuild your OpenSSL from source, > or upgrade to OpenSSL 1.0.1g. > > 4. In all of the above cases, after upgrading, you must restart any TLS > servers that may be consuming the OpenSSL libraries in order for the > upgrade to take effect. If you are unsure which services are TLS > servers, the simplest and safest way to ensure your upgrade takes effect > is to reboot your zone. > > 5. KVM instances must be upgraded according to the instructions provided > by your guest OS vendor. > > 6. The platform contains 2 different versions of OpenSSL libraries; > however, SmartOS platform images have not contained OpenSSL headers or > compilation symlinks for over a year. Therefore, it is highly unlikely > that any TLS servers are running that are linked with either of these > libraries. In addition, the only usable platform OpenSSL libraries > provided are version 0.9.8, which does not contain this bug. The other > version of the libraries delivered *is* vulnerable; however, the > platform does not by default run any services that provide TLS using > these libraries. Nevertheless, a subsequent SmartOS platform image will > have a fix for this bug, either via a patch or by upgrading to 1.0.1g or > later. > > [0] > https://github.com/joyent/pkgsrc/commit/fec1169d9884645efbb61399bc618ceec4084b02 > > > ------------------------------------------- > smartos-discuss > Archives: https://www.listbox.com/member/archive/184463/=now > RSS Feed: https://www.listbox.com/member/archive/rss/184463/25373071-95988cd8 > Modify Your Subscription: https://www.listbox.com/member/?&; > Powered by Listbox: http://www.listbox.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
