[Ninux-Wireless] [ninux-roma] OpenWrt e AirOs - OpenSSL: update to 1.0.1g - heartbleed bug
Edoardo Mazzaracchio
edoardo.mazzaracchio a gmail.com
Ven 11 Apr 2014 09:42:42 CEST
Ho appena fatto un "sudo apt-get update" e "sudo apt-get upgrade" su EdgeOS
del mio EdgeMAX e ha aggiornato proprio OpenSSL:
nazza a Nazza-Edge:~$ sudo apt-get upgrade
Reading package lists... Done
Building dependency tree... Done
The following packages will be upgraded:
openssh-client openssh-server ssh
3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1253 kB of archives.
After this operation, 45.1 kB disk space will be freed.
Do you want to continue [Y/n]? Y
Per AirOS non ho ancora visto
2014-04-11 9:02 GMT+02:00 Saverio Proto <zioproto a gmail.com>:
> Ciao,
>
> inoltro da OpenWrt Devel.
>
> OpenWrt ha gia rilasciato il nuovo ipkg di OpenSSL.
>
> Alla grande il sui miei apparato Scooreggione sono entrato ed ho dato i
> comandi
>
> opkg update
> opkg install openssl
>
> ed ho aggiornato openssl senza dover riflashare.
>
> Io non ho piu apparati miei con AirOS. Chi ha accesso ad apparati
> AirOS con Sburratone, puo fare ldd per controllare il web server
> lighttpd che versione di OpenSSL usa ?
>
> Stanno uscendo i tools per sfruttare il bug. Questo è un bug serio.
>
> Saverio
>
>
>
> ---------- Forwarded message ----------
> From: John Crispin <john a phrozen.org>
> Date: 2014-04-10 22:45 GMT+02:00
> Subject: [OpenWrt-Devel] OpenSSL: update to 1.0.1g - heartbleed bug
> To: OpenWrt Development List <openwrt-devel a lists.openwrt.org>
>
>
> Heartbleed - libopenssl AA binary feed update
>
> we updated the AA release. the files libopenssl_1.0.1e-1_*.ipk have
> been replaced with libopenssl_1.0.1g-1_*.ipk and the Packages index
> was updated. If you use openssl on your unit you need to run :
>
> # opkg update
> # opkg upgrade libopenssl
>
> In order to ensure that all affected services are using the updated
> OpenSSL library it is recommended to reboot the device after applying
> the upgrade.
>
> To find out more about the bug go to - http://heartbleed.com/
>
> Note that default OpenWrt installations are not vulnerable to the
> particular bug, neither the builtin SSH server nor the optional LuCI
> SSL support rely on OpenSSL for cryptography.
>
> The OpenSSL library is not installed within the stock images available
> on the download server.
>
> This is not a lightweight bug. Please take it serious and check your unit.
>
> OpenWrt Developers
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel a lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
-------------- parte successiva --------------
Un allegato HTML è stato rimosso...
URL: <http://ml.ninux.org/pipermail/wireless/attachments/20140411/f285d27a/attachment-0001.html>
Maggiori informazioni sulla lista
Wireless