k***e
发帖数: 7933 | 1 centos 6,openssl是1.0.1e,heartbleed vulnerable。更新openssl说没有
# yum update openssl
Loaded plugins: security
Setting up Update Process
No Packages marked for Update
#
需要怎么更新? |
f**y
发帖数: 138 | 2 1.0.1e-16.7 in centos 6 should already contain the fix:
* Mon Apr 07 2014 Tomáš Mráz 1.0.1e-16.7
- fix CVE-2014-0160 - information disclosure in TLS heartbeat extension |
k***e
发帖数: 7933 | 3 我网上查说是要1.0.1g才可以
我现在的是
Version : 1.0.1e
Release : 16.el6_5.7
centos是:
Linux xxxxx 2.6.32-431.11.2.el6.x86_64 #1 SMP Tue Mar 25 19:59:55 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
【在 f**y 的大作中提到】
: 1.0.1e-16.7 in centos 6 should already contain the fix:
: * Mon Apr 07 2014 Tomáš Mráz 1.0.1e-16.7
: - fix CVE-2014-0160 - information disclosure in TLS heartbeat extension
|
f**y
发帖数: 138 | 4 RedHat back ported the fix to 1.0.1e. So you are fine. |
k***e
发帖数: 7933 | 5 我的vm是3/25生成的,没有update过,那个时候这个bug还没发现
怎么能确认一下?
【在 f**y 的大作中提到】
: RedHat back ported the fix to 1.0.1e. So you are fine.
|
f**y
发帖数: 138 | 6 You already have openssl-1.0.1e-16.el6_5.7 installed. And I already showed
you the change log of this version which contains the fix.
By the way, CentOS auto updates periodically. |
