[tor-relays] 1.0.1e-2+deb7u5 should be good for Wheezy
Roman Mamedov
rm at romanrm.net
Tue Apr 8 18:19:06 UTC 2014
On Tue, 08 Apr 2014 19:54:21 +0200
elrippo <elrippo at elrippoisland.net> wrote:
> Hy there.
>
> My Debian Wheezy box is using 1.0.1e-2+deb7u6 after the upgrade
>
> I think this should be good :)
Thanks for the heads-up, turns out it was updated twice in a day.
I guess the 6th version is not as important if you remembered to manually
restart everything that's using OpenSSL.
openssl (1.0.1e-2+deb7u6) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Enable checking for services that may need to be restarted
* Update list of services to possibly restart
-- Salvatore Bonaccorso <carnil at debian.org> Tue, 08 Apr 2014 10:44:53 +0200
openssl (1.0.1e-2+deb7u5) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
* Add CVE-2014-0160.patch patch.
CVE-2014-0160: Fix TLS/DTLS hearbeat information disclosure.
A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or
server.
-- Salvatore Bonaccorso <carnil at debian.org> Mon, 07 Apr 2014 22:26:55 +0200
--
With respect,
Roman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140409/8cf15ee8/attachment.sig>
More information about the tor-relays
mailing list