[CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
Steve Clark
sclark at netwolves.comTue Apr 8 17:32:02 UTC 2014
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 04/08/2014 01:12 PM, Alain Péan wrote: > Le 08/04/2014 19:05, Tony Mountifield a écrit : >> And I notice that the new libraries after applying the update are >> STILL called 1.0.1e - is that correct? Could be confusing. > Because at this time, it's only a workaround that disable certain > services, not a fix to the libraries, as I read in the annoucement ? > > Alain > According to the changelog this update 5.7 fixed the cve. $ rpm -qa|grep openssl openssl-1.0.1e-16.el6_5.7.x86_64 openssl-devel-1.0.1e-16.el6_5.7.x86_64 Tue Apr 8 12:17:25 EDT 2014 Z643357:~ $ rpm -q --changelog openssl | less * Mon Apr 07 2014 Tomás( Mráz <tmraz at redhat.com> 1.0.1e-16.7 - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension -- Stephen Clark *NetWolves Managed Services, LLC.* Director of Technology Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.clark at netwolves.com http://www.netwolves.com
- Previous message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Next message: [CentOS] CVE-2014-0160 CentOS 6 openssl heartbleed workaround
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list