I found lot of articles describing about the heard bleed bug but can someone please explain the remedy for the heart bleed bug ?
Asked
Active
Viewed 211 times
-3
-
1Patching? I assume you ran into that option in your reading. – schroeder May 06 '14 at 17:27
3 Answers
1
The Openssl version patched is 1.0.1g.
From OpenSSL Security Advisory [07 Apr 2014] (CVE-2014-0160)
Affected users should upgrade to OpenSSL 1.0.1g. Users unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.
shardan
- 109
- 2
0
The individual who runs the server needs to apply a patch to their implementation of OpenSSL. As a regular user you are not directly affected but some of the services you use are probably affected. Would be best to reach out to those companies and see if they were vulnerable and if they have corrected the issue, if so then changing your accounts is needed.
TrinityInfoSec
- 99
- 3
0
In addition to the comments above, if any services you use were found vulnerable to the heartbleed bug it means that some or all your personal information may have leaked. As a regular user you should consider changing your credentials especially for sensitive services such as ebanking
user2851431
- 21
- 2