[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Update.
on RHEL6 previous to 6.5, you need to apply the RedHat
openssl-1.0.1e-16.el6_5.7.x86_64 update from today.
Then do the work-around mentioned previously.
This also appears to affect postfix, its worth patching there too, but
i have not yet tested.
On 04/08/2014 11:03 AM, Nathan wrote:
> This is a very big deal.
>
> http://heartbleed.com
> https://bugzilla.zimbra.com/show_bug.cgi?id=88688
>
>
> The work-around in comment 19 works on rhel6.5. I'm still working
> on a 6.4 fix, as thats what my zimbra servers are running.
>
> This, as far as I know, only applies to the proxy servers. I am
> testing against a stand-alone box now.
>
> Test your systems with: https://gist.github.com/takeshixx/10107280
>
>
>
- --
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE, RHCVA (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlNEEtoACgkQsZqG4IN3sulOVQCfROfN/nuRCRIhISpNfUx887Is
vlgAn3Lrv9CPDqZ1dk/JnlBbuM2j+HHr
=Ks5V
-----END PGP SIGNATURE-----