16 Oct
2014
16 Oct
'14
10:45 p.m.
Keith Williams said:
Debian has now produced a security update
to add support for Fallback SCSV to help mitigate the problem
As with at least some of the heartbleed fix releases, the updated
package for openssl doesn't restart every service that uses it.
lsof -n | grep ssl | grep DEL
.. will list those still running the old version and needing to be
restarted.
For me, that list included apache2, postfix, opendkim, bind9, webmin and
fail2ban.
Ian