Don't forget to restart every daemon that was using the old library as well, or just reboot.

-----Original Message-----
From: Peter Kristolaitis [mailto:alte...@alter3d.ca]
Sent: Tuesday, April 08, 2014 1:19 AM
To: nanog@nanog.org
Subject: Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

Not just run the updates -- all private keys should be changed too, on the assumption that they've been compromised already.

THAT is going to be the crappy part of this.

- Pete

On 4/8/2014 1:13 AM, David Hubbard wrote:
> RHEL and CentOS both have patches out as of a couple hours ago, so run
> those updates! CentOS' mirrors do not all have it yet, so if you are
> updating, make sure you get the 1.0.1e-16.el6_5.7 version and not older.
>
> David
>
> -----Original Message-----
> From: Paul Ferguson [mailto:fergdawgs...@mykolab.com]
> Sent: Tuesday, April 08, 2014 1:07 AM
> To: NANOG
> Subject: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> I'm really surprised no one has mentioned this here yet...
>
> FYI,
>
> - - ferg
>
> Begin forwarded message:
>
>> From: Rich Kulawiec <r...@gsp.org>
>> Subject: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
>> Date: April 7, 2014 at 9:27:40 PM EDT
>>
>> This reaches across many versions of Linux and BSD and, I'd presume,
>> into some versions of operating systems based on them.
>> OpenSSL is used in web servers, mail servers, VPNs, and many other
>> places.
>>
>> Writeup: Heartbleed: Serious OpenSSL zero day vulnerability revealed
>> http://www.zdnet.com/heartbleed-serious-openssl-zero-day-vulnerability-revealed-7000028166/
>>
>> Technical details: Heartbleed Bug http://heartbleed.com/
>>
>> OpenSSL versions affected (from link just above):
>> OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
>> OpenSSL 1.0.1g is NOT vulnerable (released today, April 7, 2014)
>> OpenSSL 1.0.0 branch is NOT vulnerable
>> OpenSSL 0.9.8 branch is NOT vulnerable
>>
>
> - --
> Paul Ferguson
> VP Threat Intelligence, IID
> PGP Public Key ID: 0x54DC85B2
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (MingW32)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iF4EAREIAAYFAlNDg9gACgkQKJasdVTchbIrAAD9HzKaElH1Tk0oIomAOoSOvfJf
> 3Dvt4QB54os4/yewQQ8A/0dhFZ/YuEdA81dkNfR9KIf1ZF72CyslSPxPvkDcTz5e
> =aAzE
> -----END PGP SIGNATURE-----
>
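
An added example, not part of the original thread: one way to find the daemons the top reply says must be restarted is to look in /proc/<pid>/maps for libssl or libcrypto mappings that Linux marks "(deleted)" once the update has replaced the file on disk. The function names, the sample maps lines and the library paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: find processes that still have the
# pre-update OpenSSL libraries mapped and therefore need a restart.
# Assumption: Linux /proc; when a mapped file is replaced on disk, its
# pathname in /proc/<pid>/maps gets the suffix " (deleted)".

# Constructed sample in /proc/<pid>/maps format (paths are illustrative).
SAMPLE_MAPS='7f3a1c000000-7f3a1c05e000 r-xp 00000000 fd:00 393234 /usr/lib64/libssl.so.1.0.1e (deleted)
7f3a1c400000-7f3a1c5b3000 r-xp 00000000 fd:00 393230 /usr/lib64/libcrypto.so.1.0.1e (deleted)
7f3a1c800000-7f3a1c98a000 r-xp 00000000 fd:00 393100 /usr/lib64/libc-2.12.so
7f3a1ca00000-7f3a1ca20000 rw-p 00000000 00:00 0'

# Read maps-format text on stdin; print each stale libssl/libcrypto path once.
stale_openssl_maps() {
    awk '$NF == "(deleted)" && $6 ~ "/lib(ssl|crypto)[^/]*[.]so" { print $6 }' |
        sort -u
}

# scan_procs [procdir]: print "pid<TAB>command<TAB>stale library" per hit.
# Run as root so every process's maps file is readable.
scan_procs() (
    proc=${1:-/proc}
    for dir in "$proc"/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        pid=${dir##*/}
        name=$(cat "$dir/comm" 2>/dev/null) || name='?'
        stale_openssl_maps 2>/dev/null < "$dir/maps" |
            while read -r lib; do
                printf '%s\t%s\t%s\n' "$pid" "$name" "$lib"
            done
    done
)

# Demo on the constructed sample; on a real host call: scan_procs
printf '%s\n' "$SAMPLE_MAPS" | stale_openssl_maps
```

An empty result from `scan_procs` after the update means no running process still maps the replaced library files; statically linked binaries are not covered by this check.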