Pardon me, just saw that it says 1.0.0f, not 1.0.1f. Fear makes the wolf look bigger! Y.
> On Saturday, April 26, 2014 7:25 PM, Yassen Damyanov <yassen_...@yahoo.com> > wrote: > > Hello list, > > I worry about my 5.1 servers being at risk due to the heartbleed bug, as they > report openssl 1.0.1f which is known to be vulnerable: > > mgate1:~ # uname -a > OpenBSD mgate1.itlabs.bg 5.1 GENERIC#2 amd64 > > > mgate1:~ # openssl version -a > OpenSSL 1.0.0f 4 Jan 2012 > built on: date not available > platform: information not available > options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) blowfish(idx) > compiler: information not available > OPENSSLDIR: "/etc/ssl" > > > (These 5.1s are installed using openbsd-stable.org builds.) > > > I've seen claims that OBSD 5.2 and below and not affected, which seems to > contradict the fact that mine has that particular openssl version. > > > Can someone help me sort this out? > > Thanks in advance! > Yassen
