[OpenIndiana-discuss] Critical security issue notification
John D Groenveld
jdg117 at elvis.arl.psu.edu
Thu Apr 10 15:06:38 UTC 2014
In message <1397139912.11917.YahooMailBasic at web161501.mail.bf1.yahoo.com>, Regi
nald Beardsley writes:
>I've looked at the source at illumos-gate and it would appear that OI is not a
>ffected, but it's not code I know well. Can anyone familiar with the Illumos
>OpenSSL implementation comment?
OI includes openssl 0.9.8 which is not vulnerable to Heartbleed:
<URL:http://pkg.openindiana.org/dev/manifest/0/library%2Fsecurity%2Fopenssl%400.9.8.25%2C5.11-0.151.1.9%3A20140117T202901Z>
<URL:http://www.us-cert.gov/ncas/alerts/TA14-098A>
John
groenveld at acm.org
More information about the OpenIndiana-discuss
mailing list