[RndTbl] OpenSSL again: update now

Trevor Cordes trevor at tecnopolis.ca
Fri Jun 6 23:01:30 CDT 2014

Obviously OpenSSL is getting the royal treatment of scrutiny now...
these two bugs were fixed this week, and both are potentially very

could allow remote arbitrary code execution in a default setup

was considered bad enough by the Fedora people to issue a separate
warning statement (they almost never do that), though it depends on
both sides using OpenSSL, which would be rare-ish in the browser world
dominated by FF, Chrome, IE, etc, under normal use cases

Don't forget to restart your httpd (and every other "d" that uses
OpenSSL) after updating!

More information about the Roundtable mailing list