I have never had a break in. The Fortinet 60E firewall does an amazing job.
I will just leave it up to Ubuntu to provide the best OpenSSL solutions. Many
people complain Ubuntu LTS is never on the latest kernel and lacks other things
the 9 month distros like 21.04 and 21.10 give you.I
Hi,
On 31/05/21 13:01, Michael McKenney wrote:
My wordpress servers are under constant attack. My Fortinet 60E
firewall logs are filled. Openssl is constantly reported on The
Hacker News and other sites. So I don’t need to worry about
upgrading OpenSSL in the future to 1.1.1k or above? I
This is at my house in my basement. My Fortinet 60E firewall is kept on the
latest software. I am waiting now for 7.0.1 or 7.0.2 to be released.
Fortinet engineers usually email me when to upgrade to the new revision. I
have 4 NFRs open on IPv6 and DHCPv6.UTM is fully enabled. Geofen
I follow the LTS Enablement Stack and LTS versions. I am on 20.04.2. I
guess I wait for 22.04 next year.
Your Hardware Enablement Stack (HWE) is supported until April 2025.
-Original Message-
From: Tomas Mraz
Sent: Monday, May 31, 2021 7:44 AM
To: Michael McKenney ; Jan Just Keij
On Mon, May 31, 2021 at 7:02 AM Michael McKenney via openssl-users
wrote:
>
> My wordpress servers are under constant attack. My Fortinet 60E firewall
> logs are filled. Openssl is constantly reported on The Hacker News and other
> sites. So I don’t need to worry about upgrading OpenSSL in t
If you use a supported distro (i.e., one that is not out of life) then
the distro is expected to supply CVE issue fixes in form of updates.
They usually do not upgrade the version to the upstream one but just
backport the security fixes and that's the reason why the version does
not change.
Tomas
My wordpress servers are under constant attack. My Fortinet 60E firewall logs
are filled. Openssl is constantly reported on The Hacker News and other sites.
So I don't need to worry about upgrading OpenSSL in the future to 1.1.1k or
above? I can just use what the distro has to offer by apt
On 30/05/21 14:05, Michael McKenney wrote:
Why can't we get a proper installation method to keep OpenSSL at the
latest revision for Linux?
My biggest compliant with Linux is it is so difficult to get best
practice installations for services like OpenSSL. Ubuntu is still on
1.1.1f. I have
Ubuntu isn't on 1.1.1f. 20.04 is on 1.1.1f-1ubuntu2.4, 20.10 is on
1.1.1f-1ubuntu4.4 and 21.04 is on 1.1.1j-1ubuntu3.1.
The "1ubuntuX.Y" bits mean that there are additional patches on top of the
vanilla 1.1.1f release in there. Likely backports of security patches. For
details, Ubuntu has a packag
