Op 25 apr. 2014 09:41 schreef "David C. Rankin" < drankinatty@xxxxxxxxxxxxxxxxxx> het volgende: > > Guys, > > I was testing my boxes after updating to openssl 1.0.1.g-1 with heartbleed.c > and I am still able to grab and decrypt ssl packets. The openssl security note > says 1.0.1.g is not effected by the bug, but I can still get a 64k chuck of data > back from my server using the heartbleed.c test. (if I'm reading the output > correctly) Am I may be doing something wrong? It is worth asking to be sure. Probably a stupid question, but you did restart the affected daemons (or system) after the update? Otherwise, they'll be using the old lib. mvg, Guus
