[LUNA] heartbleed
Chris Brightwell
chris at dimwell.net
Thu Apr 10 10:31:03 CDT 2014
Users of OS X and OS X Server, assuming they're up to date (OS X Mavericks,
10.9.2), appear to be unaffected.
http://www.tuaw.com/2014/04/09/why-the-openssl-heartbleed-bug-doesnt-affect-os-x-or-os-x-serve/
On Thu, Apr 10, 2014 at 10:26 AM, Bob Nance <bob.nance at novationsys.com>wrote:
> ALL versions of OpenSSL had the bug.
>
> There is no way to track that the bug was triggered.
>
> It did not require you to actually access or authenticate to the system in
> any way.
>
> The bug, basically, did a memory dump of the running system (as I
> understand it).
>
> So, it must be assumed that EVERY OpenSSL implementation was being
> triggered every few minutes since the dawn of time.
>
> Yes, it¹s that bad.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lunagroup.us/pipermail/luna/attachments/20140410/2347c836/attachment.html>
More information about the LUNA
mailing list