Re: [Zenloadbalancer-support] Heartbleed OpenSSL Vulnerability

Fri, 11 Apr 2014 08:13:02 -0700 

Hi Sathish,

    If you have not applied the debian security updates that were released
for openssl this week, then yes you are most likely vulnerable.

    To confirm, login via putty to the debian box as a sudo or root user
and launch aptitude.  Check the security updates for libssl and openssl,
check the Package->Changelog for both and you should see at the top the CVE
information that the updates patch.  Remember that after patching, debian
recommends restarting the system.

~Jeremy


On Fri, Apr 11, 2014 at 4:02 AM, Laura Garcia <[email protected]> wrote:

> Hi, the zenlb community version is not afected if you haven't upgraded the
> system through apt-get.
>
> Regards
> El 11/04/2014 12:59, "Sathish Gangadharan" <[email protected]>
> escribió:
>
>> Hi ZenAdmins,
>>
>> We are using Zen LB opensource v3.03 for loadbalancing few of our
>> applications.
>>
>> I recently heard about a significant security vulnerability known as
>> Heartbleed that was discovered in open source SSL library (openssl) which
>> provides the potential for an attacker to gain access to the SSL private
>> keys of a vulnerable SSL system.
>>
>>
>> http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=720951&SearchOrder=4
>>
>> Does anyone know if Zen LB v3.0.3  opensource product is affected by this
>> vulnerability?
>>
>> Thanks
>> Sathish
>>
>>
>> ------------------------------------------------------------------------------
>> Put Bad Developers to Shame
>> Dominate Development with Jenkins Continuous Integration
>> Continuously Automate Build, Test & Deployment
>> Start a new project now. Try Jenkins in the cloud.
>> http://p.sf.net/sfu/13600_Cloudbees
>> _______________________________________________
>> Zenloadbalancer-support mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>>
>>
>
> ------------------------------------------------------------------------------
> Put Bad Developers to Shame
> Dominate Development with Jenkins Continuous Integration
> Continuously Automate Build, Test & Deployment
> Start a new project now. Try Jenkins in the cloud.
> http://p.sf.net/sfu/13600_Cloudbees
> _______________________________________________
> Zenloadbalancer-support mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support
>
>

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees
_______________________________________________
Zenloadbalancer-support mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/zenloadbalancer-support

Reply via email to