Re: [bitfolk] SSL POODLE (CVE-2014-3566) vulnerabilities amo…

Top Page

Reply to this message
Author: Rodrigo Campos
Date:  
To: users
Subject: Re: [bitfolk] SSL POODLE (CVE-2014-3566) vulnerabilities amongst the customer base
On Thu, Oct 16, 2014 at 11:45:18PM +0100, Ian wrote:
> Keith Williams said:
>
> > Debian has now produced a security update
> > to add support for Fallback SCSV to help mitigate the problem
>
> As with at least some of the heartbleed fix releases, the updated
> package for openssl doesn't restart every service that uses it.
>
> lsof -n | grep ssl | grep DEL


You can also use "checkrestart" from debian-goodies that will tell you what is
needed and the init script for each service (sometimes it fails to find the init
script, but sometimes).




Thanks a lot,
Rodrigo