[kwlug-disc] Heartbleed OpenSSL bug
kb at 2bits.com
Tue Apr 8 12:06:42 EDT 2014
The Ubuntu fix for this came out yesterday.
You can use this python tool ssltest.py to check if your servers are
$ wget -O ssltest.py "http://pastebin.com/raw.php?i=WmxzjkXJ"
$ python ssltest.py example.com
On Tue, Apr 8, 2014 at 11:54 AM, Adam Glauser <adamglauser at gmail.com> wrote:
> On Tue, Apr 8, 2014 at 11:40 AM, L.D. Paniak <ldpaniak at fourpisolutions.com
> > wrote:
>> As many of you already know, there is a critical flaw in OpenSSL
>> versions 1.0.1-1.0.1f (and 1.0.2beta) which allows for attackers to
>> access server (and client) memory.
> Regarding client software:
> You can check Cygwin systems as follows: `cygcheck -l | grep cygssl`
> Firefox and Chrome/Chromium use NSS instead of OpenSSL, so are not
> Also, there is a command-line tester tool you can use to check your sites.
>  There is also a web tester at http://filippo.io/Heartbleed/, though
> it seems to be having load problems (surprise!).
> Does anyone know if Android apps typically provide their own SSL
> implementation? That is, does each app need updating?
>  https://github.com/FiloSottile/Heartbleed
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
Khalid M. Baheyeldin
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- Leonardo da Vinci
For every complex problem, there is an answer that is clear, simple, and
wrong." -- H.L. Mencken
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the kwlug-disc