quote from http://heartbleed.com:
I found the information in german here:The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.
This weakness allows stealing the information protected, under normal conditions,
by the SSL/TLS encryption used to secure the Internet.
SSL/TLS provides communication security and privacy over the Internet for applications such as web, email,
instant messaging (IM) and some virtual private networks (VPNs).
http://www.heise.de/newsticker/meldung/ ... 65517.html
In english see here:
http://heartbleed.com
https://www.openssl.org
https://www.openssl.org/news/secadv_20140407.txt
quote from http://heartbleed.com:
For the Porteus 64bit version:What versions of the OpenSSL are affected?
Status of different versions:
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable
Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.
Version on Porteus = 1.0.1f
It exist right working source directory, with the 1.0.1g version here,
But i miss finished package.
So i have make a build-script that use the slackware build-scripts from the source.
You can download here. (run the script as root / tested on Porteus 64bit v3.0 KDE with 05-devel.xzm)
If you are lazy you can download finished package here: openssl-1.0.1g-x86_64-1KnKo.xzm
md5sum: 936227691b29cf2d7078e34c15d644d3
thereby obtained openssl-solibs-1.0.1g-x86_64-1KnKo.xzm
md5sum: 91be332e3b83660efa91603474397031
For the i486 version:
I have not yet dealt with