Re: Fwd: Status on CVE-2014-0160, aka "Heartbleed"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 08.04.2014 05:12, Ed Greshko wrote:
> FYI....
> 
> 
> -------- Original Message --------
> Subject: 	Status on CVE-2014-0160, aka "Heartbleed"
> Date: 	Mon, 7 Apr 2014 23:01:24 -0400 (EDT)
> From: 	Robyn Bergeron <rbergero@xxxxxxxxxx>
> Reply-To: 	users@xxxxxxxxxxxxxxxxxxxxxxx
> To: 	announce@xxxxxxxxxxxxxxxxxxxxxxx
> 
> 
> 
> Greetings, Fedora community:
> 
> We're aware of the recently disclosed CVE-2014-0160 (aka 
> "Heartbleed"):
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1085065 (openssl)
> https://bugzilla.redhat.com/show_bug.cgi?id=1085066 (mingw-openssl)
> 
> The issue affects the currently supported Fedora 19 and Fedora 20 
> releases. Updates for openssl packages are available now, and
> mirrors near you will receive them shortly. If you do not want to 
> wait for your local mirror to get updates, you can retrieve and 
> install packages directly:
> 
> For Fedora 19 x86_64:
>   yum -y install koji
>   koji download-build --arch=x86_64 openssl-1.0.1e-37.fc19.1
>   yum localinstall openssl-1.0.1e-37.fc19.1.x86_64.rpm
> 
> For Fedora 20 x86_64:
>   yum -y install koji
>   koji download-build --arch=x86_64 openssl-1.0.1e-37.fc20.1
>   yum localinstall openssl-1.0.1e-37.fc20.1.x86_64.rpm
> 
> Substitute i686 for 32-bit systems, or armv7hl for ARM systems (F20
> only).
> 
> Package updates for mingw-openssl will receive fixes shortly and 
> we'll update the community when they are available. Note that 
> Fedora 18, which is no longer supported by the Fedora community, is 
> also affected by this issue. Fedora 17 and previous releases, also no 
> longer supported, are not affected by this issue.
> 
> Fedora Release Engineering is currently regenerating AMIs and
> qcow2/kvm images to include the fix.
> 
> The Fedora Infrastructure team is working to assess any additional 
> impact, and will update the community as we develop more information.
> 
> Thanks for your patience as we work on this issue.
> 
> ACKNOWLEDGMENTS: Special thanks to Dennis Gilmore for quickly providing
> package updates, and Major Hayden for providing the manual update
> guidance above.
> 
> 
> -Robyn Bergeron
> 
> 
> 

Apropos the "heartbleed bug"
http://heartbleed.com/


poma


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux