Hello list, I worry about my 5.1 servers being at risk due to the heartbleed bug, as they report openssl 1.0.1f which is known to be vulnerable:
mgate1:~ # uname -a OpenBSD mgate1.itlabs.bg 5.1 GENERIC#2 amd64 mgate1:~ # openssl version -a OpenSSL 1.0.0f 4 Jan 2012 built on: date not available platform: information not available options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) blowfish(idx) compiler: information not available OPENSSLDIR: "/etc/ssl" (These 5.1s are installed using openbsd-stable.org builds.) I've seen claims that OBSD 5.2 and below and not affected, which seems to contradict the fact that mine has that particular openssl version. Can someone help me sort this out? Thanks in advance! Yassen