OpenSSL vulnerability

Discussions Regarding Software

Moderator: Moderators

OpenSSL vulnerability

Postby vincebarwinski » Thu Apr 10, 2014 11:56

With the heartbleed vulnerability for openssl making news, I decided to see if openssl was installed on my system. It was, and I then decided out of curiosity to see what would happen if it was uninstalled with the command:

equo remove dev-libs/openssl-1.0.1f-r1 --pretend

to which I get the following message:

☢ Ouch!, the following system packages were pulled in:
☢ # dev-libs/openssl-1.0.1f-r1

Does this mean it has been pulled out of the sabayon repository until this heartbleed vulnerability is fixed?

Thanks in advance.
vincebarwinski
Baby Hen
 
Posts: 5
Joined: Sun Oct 13, 2013 8:13

Re: OpenSSL vulnerability

Postby sabayonino » Thu Apr 10, 2014 13:12

Openssl *f version was pulled

Openssl was fixed since April 08th for all sabayon repositories
(binary → standard → sabayonlinux.org → amd64 → 5 | revision: 0 | date: 2014-04-08)

https://packages.sabayon.org/quicksearc ... sl&x=0&y=0

Code: Select all
# equo update --force


Code: Select all
# equo i openssl


PS : all servers (goole,yahoo etc etc ...) must be updated (heartbleed vulnerability) simply updating last openssl version ...
User avatar
sabayonino
Sagely Hen
 
Posts: 2678
Joined: Sun Sep 21, 2008 1:12
Location: Italy


Return to Software in General

Who is online

Users browsing this forum: No registered users and 2 guests