[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
Keith Keller
kkeller at wombat.san-francisco.ca.us
Tue Apr 8 15:16:32 UTC 2014
On 2014-04-08, James Hogarth <james.hogarth at gmail.com> wrote:
>
> Tomcat, apache httpd, postfix, postgresl, mysql... best just to restart any
> network facing application that has SSL enabled ;)
Actually, I should have been more thorough: I am also interested in
knowing which credentials were vulnerable, so I can set policy on what
passwords must be changed as soon as possible. If sshd had been
vulnerable, for example, I would have to force them to change that
password immediately.
--keith
--
kkeller at wombat.san-francisco.ca.us
More information about the CentOS
mailing list