Re: [LUG] OpenSSL 1.0.1 "Heartbleed" vulnerability
- To: list@xxxxxxxxxxxxx
- Subject: Re: [LUG] OpenSSL 1.0.1 "Heartbleed" vulnerability
- From: Martijn Grooten <martijn@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 8 Apr 2014 10:01:38 +0000

On Tue, Apr 08, 2014 at 10:44:02AM +0100, Paul Sutton wrote:
> So is this easy to fix then or is it more complex than just patching
> the issue and releasing an updated version.

Fixing is easy: just upgrade to OpenSSL 1.0.1g.

The problem is that it might be that someone has used this against your
server and thus obtained secret keys and other information that you
don't want others to steal.

This blog:

http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/

advises to also regenerate your private key AND to replace SSL
certificates. Which is a huge pain.

Martijn.

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq
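
Added example, not part of the original post: a shell check that classifies `openssl version -a` output against the upgrade advice in the message above. The affected range (1.0.1 through 1.0.1f) and the -DOPENSSL_NO_HEARTBEATS build flag come from the OpenSSL advisory rather than this thread; the function name, status strings and sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Classify `openssl version -a` output for Heartbleed exposure.
# Statuses (hypothetical names): affected-version, heartbeat-disabled,
# not-affected, unknown.

# Constructed samples of `openssl version -a` output (not from real hosts).
SAMPLE_VULN='OpenSSL 1.0.1e 11 Feb 2013
compiler: gcc -DOPENSSL_THREADS -O2'
SAMPLE_NOHB='OpenSSL 1.0.1f 6 Jan 2014
compiler: gcc -DOPENSSL_THREADS -DOPENSSL_NO_HEARTBEATS -O2'
SAMPLE_FIXED='OpenSSL 1.0.1g 7 Apr 2014
compiler: gcc -DOPENSSL_THREADS -O2'

heartbleed_status() {
    hb_out=$1
    # The first line looks like: "OpenSSL 1.0.1e 11 Feb 2013"
    read -r hb_name hb_ver hb_rest <<EOF
$hb_out
EOF
    if [ "$hb_name" != "OpenSSL" ] || [ -z "$hb_ver" ]; then
        echo unknown
        return 0
    fi
    hb_ver=${hb_ver%%-*}          # drop build suffixes such as "-fips"
    case $hb_ver in
        1.0.1|1.0.1[a-f]) ;;      # affected release range
        *) echo not-affected; return 0 ;;
    esac
    # An affected release built without heartbeat support is not exposed.
    case $hb_out in
        *-DOPENSSL_NO_HEARTBEATS*) echo heartbeat-disabled ;;
        *) echo affected-version ;;
    esac
}

# Caveats: distribution packages may carry the fix under an older version
# string, so confirm "affected-version" against the package changelog.
# "not-affected" after an upgrade says nothing about keys that may have
# been read earlier; regenerating keys and certificates is still needed.
if command -v openssl >/dev/null 2>&1; then
    echo "local openssl: $(heartbleed_status "$(openssl version -a)")"
fi
```

Services keep the old library mapped until they are restarted, so the check reflects the installed binary, not what a running daemon has loaded.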