On Tuesday, April 15, 2014 6:40:10 AM UTC-4, jori.ma...@uta.fi wrote:
>
> On Mon, 14 Apr 2014, William Stein wrote:
>
> > That said, even if we plan to update it, for now I think we should
> > delete the openssl spkg asap anyways, since it contains the
> > vulnerability. - - it is now gone.
>
On Mon, 14 Apr 2014, William Stein wrote:
That said, even if we plan to update it, for now I think we should
delete the openssl spkg asap anyways, since it contains the
vulnerability. - - it is now gone.
So what should one do to existing installations? After removing several
*ssl* files and d
On Mon, Apr 14, 2014 at 7:40 AM, kcrisman wrote:
>
>
> On Sunday, April 13, 2014 3:46:57 PM UTC-4, William wrote:
>>
>> On Sun, Apr 13, 2014 at 12:22 PM, Brian Sherson
>> wrote:
>> > First question: Is SAGE notebook susceptible to the Heartbleed bug when
>> > run
>> > with secure=True?
>>
>> It d
On Sunday, April 13, 2014 3:46:57 PM UTC-4, William wrote:
>
> On Sun, Apr 13, 2014 at 12:22 PM, Brian Sherson
> >
> wrote:
> > First question: Is SAGE notebook susceptible to the Heartbleed bug when
> run
> > with secure=True?
>
> It depends. Yes... unless you have a new version of the op
On Sun, Apr 13, 2014 at 12:22 PM, Brian Sherson wrote:
> First question: Is SAGE notebook susceptible to the Heartbleed bug when run
> with secure=True?
It depends. Yes... unless you have a new version of the openssl
library. It depends a lot on how/where you built Sage and the sage
notebook.
First question: Is SAGE notebook susceptible to the Heartbleed bug when
run with secure=True?
Secondly, if so, would any connection that attempts to exploit that bug
necessarily show up in the console?
~Brian
--
You received this message because you are subscribed to the Google Groups
"sage
