[TriLUG] Heartbleed SSL vuln: regenerate your ssh host keys?
Thomas V Thomas
thomasvt at gmail.com
Tue Apr 8 20:34:13 EDT 2014
Looks like login.trilug.org is also vulnerable to this issue.
On Tue, Apr 8, 2014 at 1:58 PM, Ken MacKenzie <ken at mack-z.com> wrote:
> I need to remember that debian check restart thing. Thanks!
>
>
> On Tue, Apr 8, 2014 at 1:47 PM, Igor Partola <igor at igorpartola.com> wrote:
>
> > As a quick update, note that different distributions are taking different
> > approaches to releasing fixes. For example, in Ubuntu the new package
> seems
> > to be versioned at 1.0.1-4ubuntu5.12. In CentOS the version of libssl
> seems
> > to still be vulnerable (1.0.1e) but the they seem to have simply disabled
> > the heartbeat extension instead of upgrading to the latest version of
> > libssl (openssl-1.0.1e-16.el6_5.7 is the new package where 5.7 means it's
> > been patched).
> >
> > During this process I realized what a mess libssl versioning is and how
> > much every player involved messes with it.
> >
> > On the plus side I learned of a cool utility available for Debian/Ubuntu:
> > `apt-get install debian-goodies`, then run `sudo checkrestart`. This will
> > give you a list of processes whose libraries were upgraded but the
> > processes were not restarted. Very useful, given that in this case it's
> not
> > enough to upgrade libssl: you also must restart every process that uses
> it
> > to start using the new version.
> >
> > Igor
> > --
> > This message was sent to: Ken M. <ken at mack-z.com>
> > To unsubscribe, send a blank message to trilug-leave at trilug.org from
> that
> > address.
> > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> > Unsubscribe or edit options on the web :
> > http://www.trilug.org/mailman/options/trilug/ken%40mack-z.com
> > Welcome to TriLUG: http://trilug.org/welcome
> >
> --
> This message was sent to: Thomas V Thomas <thomasvt at gmail.com>
> To unsubscribe, send a blank message to trilug-leave at trilug.org from that
> address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web :
> http://www.trilug.org/mailman/options/trilug/thomasvt%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome
>
More information about the TriLUG
mailing list