On Sat, Apr 12, 2014 at 10:01 AM, daniel wrote:
> Mod_spdy has a statically-linked vulnerable version of OpenSSL
That sounds like a pretty bad bug in your copy of mod_spdy, please ask
the vendor of your copy of mod_spdy to fix this by depending on the
OpenSSL shared library instead of statically
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Thank you all for your help. Mod_spdy has a statically-linked vulnerable
version of OpenSSL. After the standard update we are no longer vulnerable.
Daniel
Estelmann, Christian wrote:
> Your server talks spdy. Have you upgraded mod_spdy to 0.9.4.2?
On 11.04.2014, at 17:26, daniel wrote:
>
> We are very concerned about the 'Heartbeat' security problem which has
> been discovered with OpenSSL. Thanks to our out-of-date old-stable
> version of debian, we are using:
>
> openssl 0.9.8o-4squeeze14
>
> This page also claims debian 6 (which we
Your server talks spdy. Have you upgraded mod_spdy to 0.9.4.2?
(for mod_spy you need an Apache HTTP Server 2.4.X, in squeeze there is only
2.2.16 ...)
> Gesendet: Freitag, 11. April 2014 um 17:26 Uhr
> Von: daniel
> An: debian-security@lists.debian.org
> Cc: "- Noflag"
> Betreff: Re: [SECURITY
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Dear all,
We are very concerned about the 'Heartbeat' security problem which has
been discovered with OpenSSL. Thanks to our out-of-date old-stable
version of debian, we are using:
openssl 0.9.8o-4squeeze14
This page also claims debian 6 (which we
5 matches
Mail list logo
