Quantcast
Channel: Our response to the OpenSSL 'heartbleed' vulnerability
Browsing latest articles
Browse All 20 View Live

Our response to the OpenSSL 'heartbleed' vulnerability

@mbloch wrote: Here's how we're responding to the OpenSSL vulnerability announced at http://heartbleed.com/ This is a very serious security vulnerability in software that is deployed on almost every...

View Article



Our response to the OpenSSL 'heartbleed' vulnerability

@ichilton wrote: There was a slight typo in one of the links to the advisory above - you can find it here: http://heartbleed.com Read full topic

View Article

Our response to the OpenSSL 'heartbleed' vulnerability

@cdelarrinaga wrote: Thank you for the advisory. I assume generating fresh keys with a vulnerable version of OpenSSL is not helpful? So the action recommended for Symbiosis users is to do so using an...

View Article

Our response to the OpenSSL 'heartbleed' vulnerability

@pcherry wrote: Symbiosis uses the ordinary Debian security updates, and so you can just run apt-get update followed by apt-get upgrade to upgrade everything. That should restart (at least) the...

View Article

Our response to the OpenSSL 'heartbleed' vulnerability

@cdelarrinaga wrote: As of this morning - apt-get update/upgrade take openssl to OpenSSL 1.0.1e 11 Feb 2013 not to 'g' . Presumably this means either waiting for an official update for wheezy or...

View Article


Our response to the OpenSSL 'heartbleed' vulnerability

@dwilko wrote: It should be a patched version of 1.0.1e, if the installed package is 1.0.1e-2+deb7u5 then it's not vulnerable. http://www.debian.org/security/2014/dsa-2896 You need to make sure you...

View Article

Image may be NSFW.
Clik here to view.

Our response to the OpenSSL 'heartbleed' vulnerability

@cdelarrinaga wrote: dwilko: 1.0.1e-2+deb7u5 the update gave me 1.0.1e-2+deb7u6 apt-cache policy opensslopenssl: Installed: 1.0.1e-2+deb7u6 Candidate: 1.0.1e-2+deb7u6 Version table: ***...

View Article

Our response to the OpenSSL 'heartbleed' vulnerability

@dwilko wrote: Then it should be fine, I mean to say u5 and up. If I recall correctly u6 tries to advise you on which services you need to restart for the patch to take affect, I have found it doesn't...

View Article


Our response to the OpenSSL 'heartbleed' vulnerability

@mbloch wrote: I am writing a follow-up post at the moment on how to handle your data after patching heartbleed. Just waiting for a bit of feedback from the rest of the team. Read full topic

View Article


Image may be NSFW.
Clik here to view.

Our response to the OpenSSL 'heartbleed' vulnerability

@mbloch wrote: Here it is: Heartbleed: after you've patched, what next? Security A few customers have got in touch to ask what they should do after patching their servers against the heartbleed...

View Article
Browsing latest articles
Browse All 20 View Live




Latest Images