Author: Rodrigo Campos Date: To: users Subject: Re: [bitfolk] SSL POODLE (CVE-2014-3566) vulnerabilities amongst
the customer base
On Thu, Oct 16, 2014 at 11:45:18PM +0100, Ian wrote: > Keith Williams said:
>
> > Debian has now produced a security update
> > to add support for Fallback SCSV to help mitigate the problem
>
> As with at least some of the heartbleed fix releases, the updated
> package for openssl doesn't restart every service that uses it.
>
> lsof -n | grep ssl | grep DEL
You can also use "checkrestart" from debian-goodies that will tell you what is
needed and the init script for each service (sometimes it fails to find the init
script, but sometimes).