[OpenIndiana-discuss] Critical security issue notification
Udo Grabowski (IMK)
udo.grabowski at kit.edu
Thu Apr 10 15:08:34 UTC 2014
On 10/04/2014 16:25, Reginald Beardsley wrote:
> Not sure if this will work because of the DMARC issue.
>
> The OpenSSL Heartbleed bug has me pondering the security notification process for OI/Illumos.
>
> OpenIndiana-announce hasn't had any traffic since 2011, so this would seem to be where such announcement should appear.
>
> I've looked at the source at illumos-gate and it would appear that OI is not affected, but it's not code I know well. Can anyone familiar with the Illumos OpenSSL implementation comment?
>
The openssl version delivered in a9 is so old (0.9.8) that
the bug was even not implemented then ...
Moral: Never run a changing system !
--
Dr.Udo Grabowski Inst.f.Meteorology a.Climate Research IMK-ASF-SAT
http://www.imk-asf.kit.edu/english/sat.php
KIT - Karlsruhe Institute of Technology http://www.kit.edu
Postfach 3640,76021 Karlsruhe,Germany T:(+49)721 608-26026 F:-926026
More information about the OpenIndiana-discuss
mailing list