[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.

To: zimbra-hied-admins <zimbra-hied-admins@sfu.ca>
Subject: HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.
From: Nathan <lagern@lafayette.edu>
Date: Tue, 08 Apr 2014 11:03:04 -0400
List-help: <mailto:zimbra-hied-admins-request@sfu.ca?subject=help> (List Instructions)
List-id: <zimbra-hied-admins.sfu.ca>
List-owner: <mailto:owner-zimbra-hied-admins@sfu.ca>
List-unsubscribe: <mailto:zimbra-hied-admins-request@sfu.ca?subject=unsubscribe>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

This is a very big deal.

http://heartbleed.com
https://bugzilla.zimbra.com/show_bug.cgi?id=88688


The work-around in comment 19 works on rhel6.5.  I'm still working on
a 6.4 fix, as thats what my zimbra servers are running.

This, as far as I know, only applies to the proxy servers.  I am
testing against a stand-alone box now.

Test your systems with: https://gist.github.com/takeshixx/10107280


- -- 
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE, RHCVA (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlNED6gACgkQsZqG4IN3sung0QCfTzOk9lcyKAchAbeIRn7bTveL
OvAAniZ2+7cK/V5PBuYUue2ALwWQrAbO
=nWZt
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.
  - From: Nathan <lagern@lafayette.edu>

Prev by Date: Script recovery from Dumpster?
Next by Date: Re: HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.
Previous by thread: Script recovery from Dumpster?
Next by thread: Re: HeartBleed, Zimbra 8.0.6 (and other versions likely) vulnerable.
Index(es):
- Date
- Thread