11 Apr
2014
11 Apr
'14
6:28 a.m.
op 10-04-14 12:58, Kevin A. McGrail schreef:
Replacing openssl and the certs should be an effective patch. You can always check by running ldd against the stunnel binary to confirm it is linking to a specific SSL library.
There is also some consideration that you must assume systems were compromised and snooped and change all passwords as well... Regards, KAM
Hi,
I did to change passwords, but is this neccessary, since I'm using stunnel with certs on both sides of the tunnel ? Just to understand this case of openssl a bit more.
Koenraad.