9 Apr
2014
9 Apr
'14
9:25 p.m.
tor@t-3.net:
Redhat's emailed warning to update OpenSSL went out yesterday as "Security Advisory - RHSA-2014:0376-1". CentOS' updated OpenSSL was available right away as well, and the CentOS 6.5 boxes pulled it right down in an update.
just FYI: https://listserv.fnal.gov/scripts/wa.exe?A2=ind1404&L=scientific-linux-u... "CentOS hacked up a fix that disabled the feature prior to Red Hat pushing the official errata. CentOS replaced the hack ~90 minutes later."
if interested, you may also look through the Scientific Linux-{devel,errata,users} list for more information on heartbleed for RHEL/SL/CentOS