[Wolves] Fwd: [LUG] OpenSSL 1.0.1 "Heartbleed" vulnerability

Richard Barker richard.barker at quietwatercourse.co.uk
Tue Apr 8 17:44:43 UTC 2014


On 08/04/14 18:13, Mark Croft wrote:
> just reading this from devon linux user group , sounds serious ,
> bugs/flaw/hole in cryptographic software library
>
> "Researchers have discovered an extremely critical defect in the
> cryptographic software library an estimated two-thirds of Web servers
> use to identify themselves to end users and prevent the eavesdropping
> of passwords, banking credentials, and other sensitive data."
>
>
>
> ---------- Forwarded message ----------
> From: Martijn Grooten <martijn at lapsedordinary.net>
> Date: 8 April 2014 09:10
> Subject: [LUG] OpenSSL 1.0.1 "Heartbleed" vulnerability
> To: list at dcglug.org.uk
>
>
> Things rarely get more serious than this:
>
> http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/
> http://heartbleed.com/
>
> Martijn.
>
>
> --
> The Mailing List for the Devon & Cornwall LUG
> http://mailman.dclug.org.uk/listinfo/list
> FAQ: http://www.dcglug.org.uk/listfaq
>
> _______________________________________________
> Wolves LUG mailing list
> Homepage: http://www.wolveslug.org.uk/
> Mailing list: Wolves at mailman.lug.org.uk
> Mailing list home: https://mailman.lug.org.uk/mailman/listinfo/wolves
>
I saw this earlier, it's very worrying but it seems to have been patched 
commendably quickly. Those of us who make use of OpenVPN might find the 
information at this link of interest.  It seems that the OpenVPN team do 
need to issue a patch seperately.

https://forums.openvpn.net/topic15519.html

Rich.



More information about the Wolves mailing list