[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
James Hogarth
james.hogarth at gmail.comTue Apr 8 13:02:10 UTC 2014
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 8 April 2014 12:08, Steven Tardy <sjt5atra at gmail.com> wrote: > On Tue, Apr 8, 2014 at 2:56 AM, Keith Keller < > kkeller at wombat.san-francisco.ca.us> wrote: > > > On 2014-04-08, Karanbir Singh <kbsingh at centos.org> wrote: > > > > > > Earlier in the day today, we were made aware of a serious > > > issue in openssl as shipped in CentOS-6.5 ( including updates issued > > > since CentOS-6.5 was released ); This issue is addressed in detail at > > > http://heartbleed.com/ > > > > is there an easy way to know which services need to be kicked? > > > > > rpm -q --whatrequires openssl A slightly cleaner way: lsof -n | grep ssl | grep DEL That should show any processes that are using the old deleted library for you to restart... Tomcat, apache httpd, postfix, postgresl, mysql... best just to restart any network facing application that has SSL enabled ;)
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list