There's good news, bad news, and worse news regarding the "Heartbleed" bug that affected nearly two-thirds of the Internet's servers dependent on SSL encryption. The good news is that many of those servers (well, about a third) have already been patched. And according to analysis by Robert Graham of Errata Security, the bug won't expose the private encryption key for servers "in most software" (though others have said several web server distributions are vulnerable to giving up the key under certain circumstances.)
source : http://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/ -- Registered Linux user #545296 _______________________________________________ Indian Libre User Group Cochin Mailing List http://www.ilug-cochin.org/mailing-list/ http://ilug-cochin.org/mailman/listinfo/mailinglist_ilug-cochin.org #ilugko...@irc.freenode.net
