OpenSSL vulnerability

Discussions Regarding Software

Moderator: Moderators

Post Reply
Baby Hen
Posts: 5
Joined: Sun Oct 13, 2013 8:13

OpenSSL vulnerability

Post by vincebarwinski » Thu Apr 10, 2014 11:56

With the heartbleed vulnerability for openssl making news, I decided to see if openssl was installed on my system. It was, and I then decided out of curiosity to see what would happen if it was uninstalled with the command:

equo remove dev-libs/openssl-1.0.1f-r1 --pretend

to which I get the following message:

☢ Ouch!, the following system packages were pulled in:
☢ # dev-libs/openssl-1.0.1f-r1

Does this mean it has been pulled out of the sabayon repository until this heartbleed vulnerability is fixed?

Thanks in advance.

User avatar
Sagely Hen
Posts: 3190
Joined: Sun Sep 21, 2008 1:12
Location: Italy

Re: OpenSSL vulnerability

Post by sabayonino » Thu Apr 10, 2014 13:12

Openssl *f version was pulled

Openssl was fixed since April 08th for all sabayon repositories
(binary → standard → → amd64 → 5 | revision: 0 | date: 2014-04-08) ... sl&x=0&y=0

Code: Select all

# equo update --force

Code: Select all

# equo i openssl
PS : all servers (goole,yahoo etc etc ...) must be updated (heartbleed vulnerability) simply updating last openssl version ...
[Che Cos'è Il Calcolo Distribuito (BOINC)

BOINC ready ! Sabayon+BOINC = BILD ,my Sabayon spin :cyclops: - Ready to crunch for the Science everywhere :)

Post Reply