[stunnel-users] Bleedingheart Bug in OpenSSL
Koenraad Lelong
stunnel at ace-electronics.be
Fri Apr 11 08:28:04 CEST 2014
op 10-04-14 12:58, Kevin A. McGrail schreef:
> Replacing openssl and the certs should be an effective patch. You can
> always check by running ldd against the stunnel binary to confirm it
> is linking to a specific SSL library.
>
> There is also some consideration that you must assume systems were
> compromised and snooped and change all passwords as well...
> Regards,
> KAM
Hi,
I did to change passwords, but is this neccessary, since I'm using
stunnel with certs on both sides of the tunnel ? Just to understand this
case of openssl a bit more.
Koenraad.
More information about the stunnel-users
mailing list