On Sat, Apr 26, 2014 at 6:25 PM, Yassen Damyanov <yassen_...@yahoo.com>wrote:
> Hello list, > > I worry about my 5.1 servers being at risk due to the heartbleed bug, as > they report openssl 1.0.1f which is known to be vulnerable: > Funny to see people being scared about security issue of particular component of system when whole system is long time unsupported and unpatched........ > > mgate1:~ # uname -a > OpenBSD mgate1.itlabs.bg 5.1 GENERIC#2 amd64 > > > mgate1:~ # openssl version -a > OpenSSL 1.0.0f 4 Jan 2012 > built on: date not available > platform: information not available > options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) blowfish(idx) > compiler: information not available > OPENSSLDIR: "/etc/ssl" > > > (These 5.1s are installed using openbsd-stable.org builds.) > > > I've seen claims that OBSD 5.2 and below and not affected, which seems to > contradict the fact that mine has that particular openssl version. > > > Can someone help me sort this out? > > Thanks in advance! > Yassen
