#4927 closed enhancement (wontfix)
Upgrade
| Reported by: | Yassine EL BADAOUI | Owned by: | |
|---|---|---|---|
| Priority: | high | Milestone: | 7.5 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
There's a serious bug in OpenSSL that was unrevealed since 2 years!!
versions of OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable, so please upgrade the current and next versions of xLFS books OpenSSL page immediately to use to OpenSSL 1.0.1g!
Preferably old version of the book which use vulnerable versions of OpenSSL should be updated or downgraded to non vulnerable versions as well.
Details: http://heartbleed.com/
Official announcement: https://www.openssl.org/news/secadv_20140407.txt
Note:
See TracTickets
for help on using tickets.
SVN book has been updated already, yesterday. Book rendered today has the new version. But thanks, anyway, for the concern.
Unfortunately, a released version of the book cannot be modified.
http://wiki.linuxfromscratch.org/blfs/ticket/4924