Excellent...was just going to ask for this important update! -Marc On Apr 9, 2014 7:09 AM, "Gordan Bobic" <[email protected]> wrote:
> I'm sure most of you have heard about the recent > OpenSSL heartbleed voulnerability over the last > few days. I have updated OpenSSL to the latest > version which includes a fix for this. > > Please update at your earliest convenience as the > data that OpenSSL leaks can include passwords, > authentication cookies or the server's private > RSA key. > > Changing all the private keys, certificates and > passwords that may have been transmitted over > SSL on the affected servers is also recommended. > > I wouldn't normally bother mentioning an update > of any single package on the mailing list, but this > bug is really bad as it can lead to revealing of > the server's private key. > > It may be another few hours before a mirror near > you has the latest updates. In the meantime, you > can download the RPMs manually from the primary > site. The fixed version is openssl-1.0.1e-16.el6.7. > > Gordan > _______________________________________________ > users mailing list > [email protected] > http://lists.redsleeve.org/mailman/listinfo/users >
_______________________________________________ users mailing list [email protected] http://lists.redsleeve.org/mailman/listinfo/users
