[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
Keith Keller
kkeller at wombat.san-francisco.ca.us
Tue Apr 8 21:08:26 UTC 2014
On 2014-04-08, Robert Arkiletian <robark at gmail.com> wrote:
>
> if you include libcrypto in the grep then sshd is affected.
That's unfortunate. :( Is the bug in libssl, libcrypto, or both?
Since sshd is in doubt, I would like to force my users to change their
password, which is stored on a central openldap server. What's the
canonical CentOS way to do this? I've done some web searches for some
answers, but haven't found anything really definitive, just some
workarounds and some crude hacks.
--keith
--
kkeller at wombat.san-francisco.ca.us
More information about the CentOS
mailing list