Wednesday, April 9, 2014

Nasty OpenSSL Bug Fixed

The nasty OpenSSL heartbleed extension bug has been fixed on -current and -stable releases back to Slackware 14.0. Earlier Slackware releases are not affected since they don't use the vulnerable 1.0.1 branch.

Since this library is used on many other applications as well, please ensure to apply this upgrade as soon as possible as this bug can reveal up to 64k of  memory to read credentials created using the vulnerable (unpatched) libraries.