Previous Thread
Next Thread
Print Thread
Hop To
Joined: Jul 2006
Posts: 4,057
Joined: Jul 2006
Posts: 4,057
http://www.bbc.co.uk/news/technology-26935905

And how to check

http://stackoverflow.com/questions/...ssl-and-mod-ssl-are-installed-on-apache2

Not sure which is the None Bug version ?
Just wanted to pass on something i only heard about today.


The bug has been present in versions of OpenSSL that have been available for over two years. The latest version of OpenSSL released on 7 April is no longer vulnerable to the bug.

"Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously," wrote the researchers.

Installing an updated version of OpenSSL did not necessarily mean people were safe from attack, said the team. If attackers have already exploited it they could have stolen encryption keys, passwords or other credentials required to access a server, they said.

Full protection might require updating to the safer version of OpenSSL as well as getting new security certificates and generating new encryption keys. To help people check their systems some security researchers have produced tools that help people work out if they are running vulnerable versions of OpenSSL.
http://www.bbc.co.uk/news/technology-26935905



BOOM !! Version v7.6.1.1
People who inspire me Isaac ME Gizmo
Joined: Jul 2006
Posts: 4,057
Joined: Jul 2006
Posts: 4,057
http://heartbleed.com/

check your version you may not be effected smile

What versions of the OpenSSL are affected?

Status of different versions:

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable
Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.


BOOM !! Version v7.6.1.1
People who inspire me Isaac ME Gizmo
Joined: Jun 2006
Posts: 16,292
Likes: 116
UBB.threads Developer
UBB.threads Developer
Joined: Jun 2006
Posts: 16,292
Likes: 116
I use CloudFlare as a CDN and they patched all of their SSL servers a week prior to the "oh crap the worlds ending" announcement.


I am a Web Development Contractor, I do not work for UBBCentral. I have provided free User to User Support since the beginning of these support forums.
Do you need Forum Install or Upgrade Services?
Forums: A Gardeners Forum, Scouters World
UBB.threads: UBBWiki, UBB Styles, UBB.Sitemaps
Longtime Supporter & Resident Post-A-Holic
VNC Web Services: Code Modifications, Upgrades, Styling, Coding Services, Disaster Recovery, and more!

Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
spam issues
by ECNet - 03/19/2024 11:45 PM
Looking for a forum
by azr - 03/15/2024 11:26 PM
Editing Links in Post
by Outdoorking - 03/15/2024 9:31 AM
Question on barkrowler and the like
by Mors - 02/29/2024 6:51 PM
Member Permissions Help
by domspeak - 02/27/2024 6:31 PM
Who's Online Now
1 members (Havenofsobriety), 522 guests, and 99 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Stones
Stones
by isaac, August 19
Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)