On Wednesday, 2014-04-09 at 12:42:16 +0200, Rob van der Putten wrote: > AFAIK all services that use TLS + open-ssl are effected. > I generated new keys for Apache, Asterisk, Exim and imap and > restarted those services. > According to a post on slashdot SSH is not effected. I don't know if > this is correct.
It would probably be a good idea not to rely on a fixed list of services which would exclude programs the user installed from other sources, but use something like this: grep libssl.so /proc/*/maps (Assuming that libcrypto.so did not change in this update.) I admit that mapping the list of processes to services is hard, so the best way would probably be to filter the list by known executables and list the unknowns for the user to restart by hand. Lupe Christoph -- | The politician's syllogism: | | We must do something | | This is something | | Therefore, we must do this. | -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140409112033.ga7...@lupe-christoph.de
