New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
OpenSSL vunrability
http://lists.grok.org.uk/pipermail/full-disclosure/2012-April/086585.html
Just though you guys may want to know.
It shouldnt effect too many people here (only effects 64 bit systems) but worth a post anyway
Comments
Thanks for the info.
Anyway, seems like a comples thing to exploit... or not?
Since the freaking ubuntu/debian mantainers take a loooong time to update packages (see the php hash vulns), I wonder how much time this thing will take.
Where says it's only in x64? This particular example is for x64.
from what i can see its expecting a 32 bit input. when the input is larger it has problems not 100% but looking through it, that's how it reads to me
Debian has released a security advisory and an update - http://www.debian.org/security/2012/dsa-2454
Wow, that was... fast
Ubuntu also has updated openssl packages. Nothing for CentOS yet, as far as i can see.
so debian is ok too
freebsd still herp derping