MRatWork Forum by Mustafa Ramadhan

Sawo Project - Kloxo-MR Discussions => Kloxo-MR Releases => Topic started by: MRatWork on 2014-06-06, 08:49:32

Title: [INFO] SL/TLS MITM vulnerability (CVE-2014-0224) for OpenSSL
Post by: MRatWork on 2014-06-06, 08:49:32
According to https://www.openssl.org/news/secadv_20140605.txt where OpenSSL have '
SSL/TLS MITM vulnerability (CVE-2014-0224)'.

To fix this issue, run:
Code: [Select]
cd /
yum clean all
yum update
Title: Re: [INFO] SL/TLS MITM vulnerability (CVE-2014-0224) for OpenSSL
Post by: Spacedust on 2014-06-06, 16:51:38
I only see 1.0.1e in your repo:

[root@backup ~]# rpm -qi openssl
Name        : openssl                      Relocations: (not relocatable)
Version     : 1.0.1e                            Vendor: CentOS
Release     : 16.el6_5.14                   Build Date: czw, 5 cze 2014, 08:59:14
Install Date: czw, 5 cze 2014, 17:32:34        Build Host: c6b8.bsys.dev.centos.org
Group       : System Environment/Libraries   Source RPM: openssl-1.0.1e-16.el6_5.14.src.rpm
Size        : 4209656                          License: OpenSSL
Signature   : RSA/SHA1, czw, 5 cze 2014, 09:02:17, Key ID 0946fca2c105b9de
Packager    : CentOS BuildSystem <http://bugs.centos.org>
URL         : http://www.openssl.org/
Summary     : A general purpose cryptography library with TLS implementation
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.
Title: Re: [INFO] SL/TLS MITM vulnerability (CVE-2014-0224) for OpenSSL
Post by: MRatWork on 2014-06-06, 17:19:39
Serve by CentOS itself.