Re: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread ario
On Thu, 10 Apr 2014 19:04:27 +0200 Pongrácz István wrote: > What if they implemented this "feature" to be able to get information > without trace? : Then they would have succeeded spectacularly with us thinking "there is a bug" in OpenSSL. My preferred backup encryption scheme still would

Re: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread Pongrácz István
What if they implemented this "feature" to be able to get information without trace? : original message- From: "ario" ledger-smb-us...@infopower.nl To: ledger-smb-users@lists.sourceforge.net Date: Thu, 10 Apr 2014 15:01:46 + ---

Re: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread ario
If I were the NSA or GCHQ, I would have _loved_ to have dropped the developer into the OpenSSL team that coded this 'mistake'. :) ario On Thu, 10 Apr 2014 01:14:07 -0700 Chris Travers wrote: > Hi everyone, > > Many of you may have heard of the recent severe OpenSSL vulnerability > discovered

Re: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread Chris Travers
On Thu, Apr 10, 2014 at 3:49 AM, Peter van Bussel wrote: > Ouch! > > > To be clear, we aren't directly affected. The attack is against a web server and there may be plenty of possible and supported configurations that are not affected. However, this is a serious situation even if it is not in ou

Re: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread Peter van Bussel
Ouch! Peter From: Chris Travers [mailto:chris.trav...@gmail.com] Sent: Thursday 10 April 2014 10:14 To: Development discussion for LedgerSMB; LedgerSMB Users; LedgerSMB Subject: [Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB Hi everyone, Many o

[Ledger-smb-users] My Assessment of the Heartbleed OpenSSL bug and LedgerSMB

2014-04-10 Thread Chris Travers
Hi everyone, Many of you may have heard of the recent severe OpenSSL vulnerability discovered which allows an attacker significant access to a web server's internal memory. I wanted to share my assessment here as to how this impacts LedgerSMB, what mitigation and recovery measures I would recomme