OpenSSL heartbleed vulnerability

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenSSL heartbleed vulnerability

Jackie Ng
Hi All,

Does anyone know if the OpenSSL in FDO Thirdparty one of the versions affected by the heartbleed vulnerability disclosed today (http://heartbleed.com/)?

What FDO providers use OpenSSL?

- Jackie
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL heartbleed vulnerability

Gabriele Monfardini
Hi,

in fdo 3.8.0 that I've downloaded from the site, openssl version seems to beĀ 1.0.0 which AFAIK is not vulnerable.

Regards,

Gabriele Monfardini





_______________________________________________
fdo-internals mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/fdo-internals
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL heartbleed vulnerability

Karsten Winter
Hi all,

FDO 3.9.0 has OpenSSL 1.0.1e, which seems to be affected.

Best regards
Karsten
Reply | Threaded
Open this post in threaded view
|

Re: OpenSSL heartbleed vulnerability

Greg Boone
I will investigate a patch that uses OpenSSL 1.0.1g

Greg

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of Karsten Winter
Sent: Tuesday, April 08, 2014 10:49 AM
To: [hidden email]
Subject: Re: [fdo-internals] OpenSSL heartbleed vulnerability

Hi all,

FDO 3.9.0 has OpenSSL 1.0.1e, which seems to be affected.

Best regards
Karsten



--
View this message in context: http://osgeo-org.1560.x6.nabble.com/OpenSSL-heartbleed-vulnerability-tp5133748p5133851.html
Sent from the FDO Internals mailing list archive at Nabble.com.
_______________________________________________
fdo-internals mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/fdo-internals
_______________________________________________
fdo-internals mailing list
[hidden email]
http://lists.osgeo.org/mailman/listinfo/fdo-internals