- This topic has 1 reply, 2 voices, and was last updated 10 years, 4 months ago by
.
-
Topic
-
Does anyone know if the recent http://heartbleed.com/ Heartbleed Bug is an issue on any of the Cloverleaf installations on ALL modules.We are running RHEL Linux so assume the standard patch from Red Hat will work without adversely impacting our HTTPS, IB and FTPS (S)FTP intrefaces.
-
Replies
-
-
It’s dependant on your openssl version. Versions 1.0.1 through 1.0.1f are affected.
To check execute the following.
Code:openssl version
This issue mainly affects external (internet) facing servers that do not have ip range restrictions for clients. It does not affect client connections to other servers (although those servers may have been compromised. It is up to those vendors to check).
If you have an external facing server and the openssl version is or has been one of the affected versions, then it may be safer to re-issue the certificates and change the passwords for the users that use the interface.
-
- The forum ‘Cloverleaf’ is closed to new topics and replies.
