0

With the openSSL Heartbleed exploit, I'm assuming that compiling HAproxy with the openSSL package will mean it is vulnerable. What would be the process to update? Update openSSL and recompile HAProxy?

jww
  • 97,681
  • 90
  • 411
  • 885
Seth
  • 659
  • 2
  • 7
  • 21
  • 4
    This question appears to be off-topic because it is about software versions, administration and patching. Server Fault has quite a few questions on the topic: https://serverfault.com/questions/tagged/heartbleed. – jww Apr 09 '14 at 11:05

1 Answers1

2

If you are using one of the affected OpenSSL versions (1.0.1 through 1.0.1f), update to version 1.0.1g where the exploit has been addressed.

http://www.kb.cert.org/vuls/id/720951

curious1
  • 89
  • 3