On 04/10/2014 07:36 AM, jdd wrote:
Le 10/04/2014 16:31, Lew Wolfgang a écrit :
What can those users running openSuSE 12.2 do to fix the problem short of upgrading to 13.1?
let them run. I have servers running 12.1 because I never has time to update them. Of course nothing that have any value
I had some years ago a 2010 server running debian 3.0, with very old hardware and a config nobody could uderstand why it worked... I replaced it when the hardware failed
as far as I can see, the traffic of any of these servers is so low I don't thing they are compromised :-( - but I may be wrong
But my understanding is (hope I'm wrong!) that both servers and clients are affected. If you have a vulnerable SSL library on your home desktop and you happen to visit a compromised web server, that web server can exfiltrate all your RAM-resident data without your knowledge. I think that openSuSE 12.1 is okay and was never vulnerable. 12.2 and up are vulnerable. Regards, Lew -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org