And I may add this link for the exact patch version since different package
revision exist for different versions of Ubuntu -
http://www.ubuntu.com/usn/usn-2165-1/
Ubuntu 13.10:
libssl1.0.0 1.0.1e-3ubuntu1.2
Ubuntu 12.10:
libssl1.0.0 1.0.1c-3ubuntu2.7
Ubuntu 12.04 LTS:
libssl1.0.0 1.0.1-4ubuntu5.12
As for CentOS 6, they haven't release a patch version but the latest
available in the update repo have the heartbeat feature disable, interim
workaround so upgrade when you can:
http://www.spinics.net/lists/centos-announce/msg04910.html
http://www.spinics.net/lists/centos-announce/msg04910.html
-----
-[ OpenSource, Open Ideas ]-
On Wed, Apr 9, 2014 at 8:42 AM, fooler mail <[email protected]> wrote:
> pluggers,
>
> action needed from you if you are not aware with this serious security
> hole...
>
> http://www.openssl.org/news/secadv_20140407.txt
>
> update/patch your openssl package... create a new private key using
> updated/patched openssl... create a new CSR based on that new private
> key and update your https site(s) with a new signed certificate (this
> includes self-signed certificate as well)
>
> fooler.
> _________________________________________________
> Philippine Linux Users' Group (PLUG) Mailing List
> http://lists.linux.org.ph/mailman/listinfo/plug
> Searchable Archives: http://archives.free.net.ph
>
_________________________________________________
Philippine Linux Users' Group (PLUG) Mailing List
http://lists.linux.org.ph/mailman/listinfo/plug
Searchable Archives: http://archives.free.net.ph
