On Apr 14, 2014, at 10:17 , LOKESH JANGIR <lk.jangi...@gmail.com> wrote:

> Hi Team,
> 
> I am using Ubuntu, Amazon ami with apache 2.0 and mod_ssl installed. I found 
> the same openssl vulnerability issue with my ssl certificate. I have 
> installed new openssl bugfixed version 1.0.1g and create csr and key file 
> from this. Also i have installed this on the server. I have restarted apache 
> service and server many times after installation. 
> 
> But still it is showing my website vulnerable. Can you please guide me what 
> am i missing now ?

did you use "apachectl restart", or "apachectl stop" + "apachectl start"? If 
you did
the former, the process may still be running with the old, deleted library. Try

sudo lsof -n | grep libssl | grep DEL

to see if that is still the case.


rainer______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to