This is bs. https://news.ycombinator.com/item?id=7701208 On Tue, 6 May 2014, Odinn Cyberguerrilla wrote:
Date: Tue, 6 May 2014 09:41:57 -0700 From: Odinn Cyberguerrilla <odinn.cyberguerrilla@riseup.net> To: Matej Kovacic <matej.kovacic@owca.info> Cc: cypherpunks@cpunks.org Subject: Re: OpenSSH memory leak
Hi,
(NOT OpenSSL!)
in case you didn't came aroud this:
Unfortunately, there is no patch yet...
Regards,
M.
Possibly related is this:
Let's say you are in some garden variety Ubuntu and as of May 5 or thereabouts, you were happily sitting on the best version available of OpenSSL which would be (as of April 2014): OpenSSL1.0.1g 7 Apr 2014 And then sometime late on May 5, 2014 you decided to do this in your terminal...
sudo apt-get update && sudo apt-get upgrade
Oh, well that was interesting
Now go back in and do this
openssl version -a
Wait a minute...
yes, most people are going to have to go back in and
curl https://www.openssl.org/source/openssl-1.0.1g.tar.gz | tar xz && cd openssl-1.0.1g && sudo ./config && sudo make && sudo make install
History repeats itself
b0z0@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org