http://arstechnica.com/security/2016/01 ... s-traffic/
High-severity bug in OpenSSL allows attackers to decrypt HTTPS traffic
Thursday's release also contained additional hardening against Logjam
People using OpenSSL version 1.0.2 should upgrade to 1.0.2f, while those still using version 1.0.1 should install 1.0.1r. Thursday's OpenSSL advisory also reminded users that support for version 1.0.1 will end at the end of this year, after which no security fixes will be available. Support for versions 0.9.8 and 1.0.0 ended in December.
OpenSSL release update that fixes High-severity bug
Yeah, if you're running a "server" you'd wanna address this.
Here's your client-side >> https://www.ssllabs.com/ssltest/viewMyClient.html
Here's your client-side >> https://www.ssllabs.com/ssltest/viewMyClient.html
The ars-technica article states that only openSSL1.0.2 is affected. A reminder that openSSL 1.0.1 is unsupprted as of 12/31/2016, and that openSSL 1.0.0, and 0.9.8 are no longer supported as of 1/1/2016.
not yet in slacko5.7's (slackware14.0) updates... should be there soon.
not yet in slacko5.7's (slackware14.0) updates... should be there soon.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."