Re: [bitfolk] SSL POODLE (CVE-2014-3566) vulnerabilities amo…

Top Page

Reply to this message
Author: Ian
Date:  
To: users
Subject: Re: [bitfolk] SSL POODLE (CVE-2014-3566) vulnerabilities amongst the customer base
Keith Williams said:

> Debian has now produced a security update
> to add support for Fallback SCSV to help mitigate the problem


As with at least some of the heartbleed fix releases, the updated
package for openssl doesn't restart every service that uses it.

lsof -n | grep ssl | grep DEL

.. will list those still running the old version and needing to be
restarted.

For me, that list included apache2, postfix, opendkim, bind9, webmin and
fail2ban.

Ian