I do understand that it is half of the problem, but it is also important to know that most servers do not use the vulnerable package, they use an older one afaik.
Cheers Sam On April 8, 2014 Tuesday 23:42:45 Anand Singh wrote: > Just remember that patching your local installation doesn't make you safe > from this exploit (unless you were patching a Mageia 4 server for the > benefit of your users). On the upside, Theo has a remote hole to patch. > > Anand. > > On Tuesday, April 8, 2014, Bogi <khan...@shaw.ca> wrote: > > Good, I have got it patched yesterday :-) > > And OpenSSH today .... > > > > :-) > > > > Mageia 4 > > > > Cheers > > Sam > > > > On April 8, 2014 Tuesday 22:17:34 Dafydd Crosby wrote: > > > Just thought I'd pass along a problem that was discovered in OpenSSL - > > > http://heartbleed.com > > > Basically, there's a bug in OpenSSL 1.0.1-1.0.1f that lets you pull all > > > sorts of stuff from an OpenSSL-based connection that uses SSL > > > heartbeats. > > > It's bad enough that I called my parents to tell them to hold off on > > > > online > > > > > banking until they can confirm the bank's have got it patched. > > > > > > -David _______________________________________________ clug-talk mailing list clug-talk@clug.ca http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
