[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
advance notice: OpenSSL CVE-2014-0160 ("heartbleed")
this is advance notice of an OpenSSL bug that impacts NetBSD-6
(and NetBSD-current) as well as pkgsrc.
openssl-1.0.1g has the fix. NetBSD-current is updated as of 2:20UTC,
the NetBSD-6* fix has just hit the repository, updated binaries are
NetBSD-5 is not affected, but openssl pkgsrc packages on -5 may be.
The vulnerability is in libssl. For example https servers are
targettable with this vulnerability.
See https://www.openssl.org/news/secadv_20140407.txt for the
A formal advisory will follow.
Main Index |
Thread Index |