11 Apr
2014
11 Apr
'14
12:27
On Fri, Apr 11, 2014 at 08:18:55AM -0400, James Rome wrote:
I have applied all patched to my OpenSUSE 13.1 server and restarted Apache, but https://www.ssllabs.com/ssltest/analyze.html says I am still vulnerable to heartbleed. What else must I do?
check with "zypper ps" if there are processes active that still use the old libssl. Check with rpm -q libopenssl1_0_0 --changelog|less if the fix is in the rpm. (CVE-2014-0160) Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org