[arch-general] Heartbleed-bug in OpenSSL 1.0.1 up to 1.0.1f

Pierre Schmitz pierre at archlinux.de
Tue Apr 8 12:29:37 EDT 2014


Am 08.04.2014 17:29, schrieb Neal Oakey:
> Hi,
> 
> there is an Bug(1) in OpenSSL 1.0.1 and as far as I'm informed this has
> only been patched in 1.0.1g.
> Many other Distributions have build there own patch, what is with us?
> Currently we have "1.0.1.f-2" which is effected as far as I can know.
> 
> Greetings
> Neal
> 
> 1) (sry, German)
> http://www.golem.de/news/sicherheitsluecke-keys-auslesen-mit-openssl-1404-105685.html

I actually did push an updated package within 3 hours after the public
announcement. I think that is pretty reasonable especially since we are
not among the fortunate distros and companies that were notified
beforehand.

Greetings,

Pierre

-- 
Pierre Schmitz, https://pierre-schmitz.com


More information about the arch-general mailing list