Heartbleed bug, update openssl package?

Home Page Forums Network Management ZeroShell Heartbleed bug, update openssl package?

This topic contains 3 replies, has 0 voices, and was last updated by  FlashEngineer 4 years, 12 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #43914

    Hi, is it possible we get the newer openssl to avoid heartbleed bug?

    #53271

    tls
    Member

    I asked the same question in the 3.0.0 release forum. I hope there is some patch that can be applied to versions going back a bit. I have 3 different versions deployed 🙂

    #53272

    tls
    Member

    @flashengineer wrote:

    Hi, is it possible we get the newer openssl to avoid heartbleed bug?

    I answered my own reply when I read more about the issue. Currently the version of OpenSSL on 3.0 and 2.0RC3 is “OpenSSL 0.9.8u 12 Mar 2012”.

    According to the CVE and other docs 0.9.8 is not effected, so no update is needed. Though it would be nice to update to current version to nail other issues, but this issue does not have an affect on ZS

    –tls

    #53273

    rsiera
    Member

    Thx for the update tls!

    #53274

    reaperz
    Member

    Sometimes it is better to use older “tried and tested” software. New versions just introduce new bugs. Such as Heartbleed 😀

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.