On Qua, 2014-04-09 at 09:04 -0300, Welkson Renny de Medeiros wrote: > 2014-04-08 18:24 GMT-03:00 Renato Botelho <rbga...@gmail.com>: > > > -------- Forwarded Message -------- > > From: FreeBSD Security Officer <security-offi...@freebsd.org> > > Reply-to: freebsd-secur...@freebsd.org > > To: FreeBSD Security Advisories <security-advisor...@freebsd.org> > > Subject: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug > > Date: Tue, 8 Apr 2014 20:42:29 GMT > > > > Hi, > > > > This is a heads-up for the OpenSSL "Heartbleed" bug. > > > > FreeBSD port security/openssl have been patched on 2014-04-07 21:46:40 > > UTC (head, r350548) and 2014-04-07 21:48:07 UTC (branches/2014Q2, r350549). > > > > FreeBSD base system have been patched on 2014-04-08 18:27:32 UTC (head, > > r264265), 2014-04-08 18:27:39 UTC (stable/10, r264266), 2014-04-08 > > 18:27:46 UTC (releng/10.0, r264267). The update is available with > > freebsd-update. All other supported FreeBSD branches are not affected > > by this issue. > > > > > Quando vi o anúncio dessa falha não dei a devida importância, mas ontem já > deu para perceber o tamanho do estrago. Conseguiram capturar diversas > senhas de usuários do Yahoo, etc. > > Estava conferindo a versão do OpenSSL no meu sistema: > > % openssl version -v > > OpenSSL 0.9.8x 10 May 2012
Só confere se vc não tem outro openssl instalado via ports no /usr/local, se tiver, basta atualizar ele pra 1.0.1.g e re-gerar possiveis certificados gerados com ele. -- Renato Botelho ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
