I'm sure most of you have heard about the recent OpenSSL heartbleed voulnerability over the last few days. I have updated OpenSSL to the latest version which includes a fix for this.
Please update at your earliest convenience as the data that OpenSSL leaks can include passwords, authentication cookies or the server's private RSA key. Changing all the private keys, certificates and passwords that may have been transmitted over SSL on the affected servers is also recommended. I wouldn't normally bother mentioning an update of any single package on the mailing list, but this bug is really bad as it can lead to revealing of the server's private key. It may be another few hours before a mirror near you has the latest updates. In the meantime, you can download the RPMs manually from the primary site. The fixed version is openssl-1.0.1e-16.el6.7. Gordan _______________________________________________ users mailing list [email protected] http://lists.redsleeve.org/mailman/listinfo/users
