Airos nada --- Messaggio originale ---
Da: "Edoardo Mazzaracchio" <[email protected]> Inviata: 11 aprile 2014 10:45 A: [email protected] Cc: "wireless" <[email protected]> Oggetto: Re: [Ninux-Wireless] [ninux-roma] OpenWrt e AirOs - OpenSSL: update to 1.0.1g - heartbleed bug Ho appena fatto un "sudo apt-get update" e "sudo apt-get upgrade" su EdgeOS del mio EdgeMAX e ha aggiornato proprio OpenSSL: nazza@Nazza-Edge:~$ sudo apt-get upgrade Reading package lists... Done Building dependency tree... Done The following packages will be upgraded: openssh-client openssh-server ssh 3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 1253 kB of archives. After this operation, 45.1 kB disk space will be freed. Do you want to continue [Y/n]? Y Per AirOS non ho ancora visto 2014-04-11 9:02 GMT+02:00 Saverio Proto <[email protected]>: > Ciao, > > inoltro da OpenWrt Devel. > > OpenWrt ha gia rilasciato il nuovo ipkg di OpenSSL. > > Alla grande il sui miei apparato Scooreggione sono entrato ed ho dato i > comandi > > opkg update > opkg install openssl > > ed ho aggiornato openssl senza dover riflashare. > > Io non ho piu apparati miei con AirOS. Chi ha accesso ad apparati > AirOS con Sburratone, puo fare ldd per controllare il web server > lighttpd che versione di OpenSSL usa ? > > Stanno uscendo i tools per sfruttare il bug. Questo รจ un bug serio. > > Saverio > > > > ---------- Forwarded message ---------- > From: John Crispin <[email protected]> > Date: 2014-04-10 22:45 GMT+02:00 > Subject: [OpenWrt-Devel] OpenSSL: update to 1.0.1g - heartbleed bug > To: OpenWrt Development List <[email protected]> > > > Heartbleed - libopenssl AA binary feed update > > we updated the AA release. the files libopenssl_1.0.1e-1_*.ipk have > been replaced with libopenssl_1.0.1g-1_*.ipk and the Packages index > was updated. If you use openssl on your unit you need to run : > > # opkg update > # opkg upgrade libopenssl > > In order to ensure that all affected services are using the updated > OpenSSL library it is recommended to reboot the device after applying > the upgrade. > > To find out more about the bug go to - http://heartbleed.com/ > > Note that default OpenWrt installations are not vulnerable to the > particular bug, neither the builtin SSH server nor the optional LuCI > SSL support rely on OpenSSL for cryptography. > > The OpenSSL library is not installed within the stock images available > on the download server. > > This is not a lightweight bug. Please take it serious and check your unit. > > OpenWrt Developers > _______________________________________________ > openwrt-devel mailing list > [email protected] > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel >
_______________________________________________ Wireless mailing list [email protected] http://ml.ninux.org/mailman/listinfo/wireless
_______________________________________________ Wireless mailing list [email protected] http://ml.ninux.org/mailman/listinfo/wireless
