[ALUG] OpenSSL bug.

Titus T. ttituskayz16 at gmail.com
Tue Jul 14 12:54:49 EAT 2015 

http://thehackernews.com/2015/07/openssl-vulnerability-ssl-certificate.html

Regards,

*********************************************************************
Titus Turinawe-Computer Tech
*Email: ttituskayz16 at gmail.com <ttituskayz16 at gmail.com>,*
*          titus at bioscomputers.co.tz <ttitus.turinawe at habari.co.tz>*
*Phone: +255 756258434, (0)686122151*
"The more you ignore me, the closer I get" -- Morrissey
<http://true-to-you.net/>.



On Tue, Apr 8, 2014 at 1:05 PM, Andreas Tauscher <ta at geuka.net> wrote:

> The security issue CVE-2014-0160 [1][2] describes an implementation bug in
> OpenSSL.
> The Hartbleed named bug enables an remote attacker to extract the private
> key from a server used for the encryption.
> With this key you can decrypt any recorded (if you are not using PFS)
> traffic or even doing it in real-time as man in the middle.
> Affected is beside openssl any software linked against libopenssl.
> Affected versions are:
> OpenSSL 1.0.1 up to 1.0.1f
>
> Affected distributions:
>
> Debian Wheezy (stable)
> Ubuntu 12.04.4 LTS,
> CentOS 6.5,
> Fedora 18,
> OpenSUSE 12.2,
> OpenBSD 5.3
> OpenBSD 5.4
> FreeBSD 8.4
> FreeBSD 9.1
> NetBSD 5.0.2
>
> All this distributions have already released updates.
> To be on the really safe side you should recreate after updating all
> private keys used on a vulnerable system.
>
> Andreas
>
> [1] https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0160
> [2] http://heartbleed.com/
> _______________________________________________
> The Arusha Linux User Group: http://unix.or.tz
> Linux mailing list
> Linux at lists.habari.co.tz
> http://lists.habari.co.tz/cgi-bin/mailman/listinfo/linux
>
> The Arusha LUG mailing list is generously hosted by Habari Node Ltd:
> http://www.habari.co.tz/
>
> The above comments and data are owned by whoever posted them (including
> attachments if any). The mailing list host is not responsible for them in
> any way.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.habari.co.tz/pipermail/linux/attachments/20150714/3c4f6cef/attachment.html>

More information about the Linux mailing list