Replacing openssl and the certs should be an effective patch. You can always check by running ldd against the stunnel binary to confirm it is linking to a specific SSL library.
There is also some consideration that you must assume systems were compromised and snooped and change all passwords as well... Regards, KAM Koenraad Lelong <[email protected]> wrote: >op 10-04-14 12:15, Koenraad Lelong schreef: >> op 08-04-14 16:58, Burak Say schreef: >>> Hello, >>> >>> When do you think you can release a patch to use OpenSSL 1.0.1g >instead >>> of 1.0.1f? >>> >> >> Hi, >> >> I would like to know if I'm safe when I installed the latest >> openssl-libraries comming from ubuntu (for 12.04LTS). Or do I need to >> update stunnel also ? The ubuntu package for the latest stunnel seems >> unavailable right now. >> >> Regards, >> >> Koenraad. > >I just thought of looking in the package-manager. This says stunnel >depends on libssl1.0.0 (installed 1.0.1-4ubuntu5.12) and on openssl >(installed 1.0.1-4ubuntu5.12). >So I presume I can generate new certificates. > >Koenraad. > >_______________________________________________ >stunnel-users mailing list >[email protected] >https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
