Re: [CentOS-announce] CVE-2014-0160 CentOS 6 openssl heartbleed workaround

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Wed, 9 Apr 2014, Johnny Hughes wrote:


1.  Besides doing the updates, you should replace any certificates
   using SSL or TLS that are openssl based.  This includes VPN,
   HTTPD, etc.  See http://heartbleed.com/ for more info on impacted
   keys.
The OpenVPN folks note that if your configuration uses the additional TLS auth configuration bits (tls-auth), then OpenVPN certificates were not exposed to a heartbeat attach. 

--
Paul Heinlein
heinlein@xxxxxxxxxx
45°38' N, 122°6' W
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux