FUDforum: comp.lang.php » Heartbleed bug?

Home » Imported messages » comp.lang.php » Heartbleed bug?

Show: Today's Messages :: Polls :: Message Navigator

Re: Heartbleed bug? [message #185534 is a reply to message #185530]

Wed, 09 April 2014 20:02

The Natural Philosoph
Messages: 993
Registered: September 2010

Karma:

Senior Member

On 09/04/14 16:56, Robert Heller wrote:
> At Wed, 09 Apr 2014 11:21:51 -0400 Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>
>>
>> On 4/9/2014 9:56 AM, Robert Heller wrote:
>>> At Wed, 09 Apr 2014 09:17:46 -0400 Jerry Stuckle <jstucklex(at)attglobal(dot)net> wrote:
>>>
>>>>
>>>> On 4/9/2014 8:24 AM, Kevin Burton wrote:
>>>> > Anyone know how this bug http://heartbleed.com/ affects PHP when the extension is enabled? Is there a patch for the extension?
>>>> >
>>>>
>>>> You need to be asking the OpenSSL people what products their bug affects.
>>>
>>> Since this is a shared library on a typical Linux system (eg LAMP server), it
>>> will affect any program that links with OpenSSL's library(-ies). I know that
>>> at least the CentOS user group is talking about it and I am sure RedHat is
>>> also looking at it. (A large number of LAMP servers run CentOS.)
>>>
>>>>
>>>
>>
>> That may or may not be. It depends on exactly what the problem is - or
>> exactly what it affects. From the description on the website, I can't
>> tell. Can you?
>>
>> Obviously, though, those who know the code would know exactly what it
>> affects.
>>
>> A bug in a program does not necessarily affect everything that touches
>> that program!
>
> According to the CentOS mailing list, a patched version of the openssl
> libraries was released yesterday. Only one version of CentOS (and I guess
> RHEL) were affected: 6.5. The patched version of the openssl fixes that (one
> also needs to remake certificates (with new private keys!) and revoke the old
> ones. CentOS 5 and CentOS 6.4 and earlier were NOT affected. In *my* case
> (deepsoft.com) since I run CentOS 5, *my* server is not affected. It is my
> understanding that a *large* number of LAMP webservers are running some
> version of CentOS. I presume that the system admins of the affected systems
> are on the CentOS mailing list and are on top of things.
>
>>
>>
>
I've seen and installed SSL updates on the mint<-Ubuntu<-debian tree
yesterday

--
Ineptocracy

(in-ep-toc’-ra-cy) – a system of government where the least capable to
lead are elected by the least capable of producing, and where the
members of society least likely to sustain themselves or succeed, are
rewarded with goods and services paid for by the confiscated wealth of a
diminishing number of producers.

Report message to a moderator

[Message index]

		Heartbleed bug? By: Kevin Burton on Wed, 09 April 2014 12:24
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 13:17
		Re: Heartbleed bug? By: Robert Heller on Wed, 09 April 2014 13:56
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 15:21
		Re: Heartbleed bug? By: Christoph Michael Bec on Wed, 09 April 2014 15:43
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 17:37
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:51
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 11:52
		Re: Heartbleed bug? By: Christoph Michael Bec on Thu, 10 April 2014 12:03
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 16:36
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 23:01
		Re: Heartbleed bug? By: The Natural Philosoph on Thu, 10 April 2014 23:47
		Re: Heartbleed bug? By: Eli the Bearded on Fri, 11 April 2014 00:38
		Re: Heartbleed bug? By: Jerry Stuckle on Fri, 11 April 2014 01:58
		Re: Heartbleed bug? By: Denis McMahon on Fri, 11 April 2014 02:59
		Re: Heartbleed bug? By: The Natural Philosoph on Fri, 11 April 2014 03:36
		Re: Heartbleed bug? By: Jerry Stuckle on Fri, 11 April 2014 16:08
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 20:54
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 22:45
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 06:33
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:47
		Re: Heartbleed bug? By: Robert Heller on Wed, 09 April 2014 15:56
		Re: Heartbleed bug? By: Jerry Stuckle on Wed, 09 April 2014 17:38
		Re: Heartbleed bug? By: M. Strobel on Wed, 09 April 2014 22:11
		Re: Heartbleed bug? By: Jerry Stuckle on Thu, 10 April 2014 11:53
		Re: Heartbleed bug? By: The Natural Philosoph on Wed, 09 April 2014 20:02
		Re: Heartbleed bug? By: Adam Harvey on Wed, 09 April 2014 23:43
		Re: Heartbleed bug? By: Eli the Bearded on Thu, 10 April 2014 00:01
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:43
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 06:57
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:50
		Re: Heartbleed bug? By: The Natural Philosoph on Thu, 10 April 2014 18:37
		Re: Heartbleed bug? By: Arno Welzel on Thu, 10 April 2014 20:56
		Re: Heartbleed bug? By: M. Strobel on Thu, 10 April 2014 21:32
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 23:14
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 06:23
		Re: Heartbleed bug? By: Denis McMahon on Thu, 10 April 2014 15:42
		Re: Heartbleed bug? By: Arno Welzel on Fri, 11 April 2014 11:00

Previous Topic:	cURL and response code 302
Next Topic:	PHP Parse error: syntax error, unexpected '$sql' (T_VARIABLE) in

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat May 18 07:53:47 GMT 2024

Total time taken to generate the page: 0.05106 seconds