FUDforum: comp.lang.php » Heartbleed bug?

Home » Imported messages » comp.lang.php » Heartbleed bug?

Show: Today's Messages :: Polls :: Message Navigator

Re: Heartbleed bug? [message #185532 is a reply to message #185530]

Wed, 09 April 2014 17:38

Jerry Stuckle
Messages: 2598
Registered: September 2010

Karma:

Senior Member

On 4/9/2014 11:56 AM, Robert Heller wrote:
> At Wed, 09 Apr 2014 11:21:51 -0400 Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>
>>
>> On 4/9/2014 9:56 AM, Robert Heller wrote:
>>> At Wed, 09 Apr 2014 09:17:46 -0400 Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>>>
>>>>
>>>> On 4/9/2014 8:24 AM, Kevin Burton wrote:
>>>> > Anyone know how this bug http://heartbleed.com/ affects PHP when the extension is enabled? Is there a patch for the extension?
>>>> >
>>>>
>>>> You need to be asking the OpenSSL people what products their bug affects.
>>>
>>> Since this is a shared library on a typical Linux system (eg LAMP server), it
>>> will affect any program that links with OpenSSL's library(-ies). I know that
>>> at least the CentOS user group is talking about it and I am sure RedHat is
>>> also looking at it. (A large number of LAMP servers run CentOS.)
>>>
>>>>
>>>
>>
>> That may or may not be. It depends on exactly what the problem is - or
>> exactly what it affects. From the description on the website, I can't
>> tell. Can you?
>>
>> Obviously, though, those who know the code would know exactly what it
>> affects.
>>
>> A bug in a program does not necessarily affect everything that touches
>> that program!
>
> According to the CentOS mailing list, a patched version of the openssl
> libraries was released yesterday. Only one version of CentOS (and I guess
> RHEL) were affected: 6.5. The patched version of the openssl fixes that (one
> also needs to remake certificates (with new private keys!) and revoke the old
> ones. CentOS 5 and CentOS 6.4 and earlier were NOT affected. In *my* case
> (deepsoft.com) since I run CentOS 5, *my* server is not affected. It is my
> understanding that a *large* number of LAMP webservers are running some
> version of CentOS. I presume that the system admins of the affected systems
> are on the CentOS mailing list and are on top of things.
>
>>
>>
>

That may be. But it still doesn't answer your original question as to
how (or even if) it affects PHP.

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstucklex(at)attglobal(dot)net
==================

Report message to a moderator

[Message index]

		Heartbleed bug? By: Kevin Burton on Wed, 09 April 2014 12:24
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 13:17
		Re: Heartbleed bug? By: Robert Heller on Wed, 09 April 2014 13:56
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 15:21
		Re: Heartbleed bug? By: Christoph Michael Bec on Wed, 09 April 2014 15:43
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 17:37
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:51
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 11:52
		Re: Heartbleed bug? By: Christoph Michael Bec on Thu, 10 April 2014 12:03
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 16:36
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 23:01
		Re: Heartbleed bug? By: The Natural Philosoph on Thu, 10 April 2014 23:47
		Re: Heartbleed bug? By: Eli the Bearded on Fri, 11 April 2014 00:38
		Re: Heartbleed bug? By: Jerry Stuckle on Fri, 11 April 2014 01:58
		Re: Heartbleed bug? By: Denis McMahon on Fri, 11 April 2014 02:59
		Re: Heartbleed bug? By: The Natural Philosoph on Fri, 11 April 2014 03:36
		Re: Heartbleed bug? By: Jerry Stuckle on Fri, 11 April 2014 16:08
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 20:54
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 22:45
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 06:33
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:47
		Re: Heartbleed bug? By: Robert Heller on Wed, 09 April 2014 15:56
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 17:38
		Re: Heartbleed bug? By: M. Strobel on Wed, 09 April 2014 22:11
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 11:53
		Re: Heartbleed bug? By: The Natural Philosoph on Wed, 09 April 2014 20:02
		Re: Heartbleed bug? By: Adam Harvey on Wed, 09 April 2014 23:43
		Re: Heartbleed bug? By: Eli the Bearded on Thu, 10 April 2014 00:01
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:43
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:57
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:50
		Re: Heartbleed bug? By: The Natural Philosoph on Thu, 10 April 2014 18:37
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 20:56
		Re: Heartbleed bug? By: M. Strobel on Thu, 10 April 2014 21:32
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 23:14
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 06:23
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:42
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 11:00

Previous Topic:	cURL and response code 302
Next Topic:	PHP Parse error: syntax error, unexpected '$sql' (T_VARIABLE) in

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat May 18 04:21:52 GMT 2024

Total time taken to generate the page: 0.05708 seconds