2.3.4 server users (SSL heartblead and CVEs)

Thomas Spuhler thomas.spuhler at btspuhler.com
Wed Jun 25 17:50:49 CEST 2014


On Wednesday, June 25, 2014 11:50:11 AM Franz Skale wrote:
> Perhaps it's off topic or no one using 2.3.4 anymore.
> My transition is still being avaluated and so perhaps others too.
> So i was quite nervous when hearing about the severe SSL bugs.
> So, i'm in the middle of transition to the new server environment.
> But, i wanted to be safe on 2.3.4 too. So i started to port
> openssl,apache 2.4 and dep packages to openpkg.
> It works now, only some template changes have been made.
> Contact me, if you need to fix old running systems.
> I am safe now, and gradet A+ on ssllabs testing suite.
> 
> My packages i recompiled,after porting openssl 1.0.1h and apache 2.4.9:
> 
> openssl-1.0.1h-20140605.amd64-debian6.0.2-kolab.rpm
> postfix-2.8.3-20110531.amd64-debian6.0.2-kolab.rpm
> imap-2006k-20080101.amd64-debian6.0.2-kolab.rpm
> imapd-2.3.17-20110928_kolab2.amd64-debian6.0.2-kolab.rpm
> perl-ssl-5.10.0-20080101_kolab1.amd64-debian6.0.2-kolab.rpm
> apr-1.5.1-20140421.amd64-debian6.0.2-kolab.rpm
> libxml-2.8.0-20140622.amd64-debian6.0.2-kolab.rpm
> apache-2.4.9-20140621.amd64-debian6.0.2-kolab.rpm
> apache-php-5.3.8-20110913.amd64-debian6.0.2-kolab.rpm
> 
> Kind regards
> 
> Franz Skale

This is why it's better to use native packages. The distros upgraded the openssl loooong ago and we 
don't even use openssl in apache/kolab at Mageia.
:)

-- 
Best regards
Thomas Spuhler

All of my e-mails have a valid digital signature
ID 60114E63
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/users/attachments/20140625/3c9bbbb5/attachment.sig>


More information about the users mailing list