Heartbleed openssl from 1.0.1 to 1.0.1g vulnerability

Gene Heskett gheskett at wdtv.com
Wed Apr 9 09:39:35 UTC 2014

On Wednesday 09 April 2014 05:35:59 Nils Kassube did opine:

> Gene Heskett wrote:
> > Debian fixed it in 36 hours, that was what 3-4 days ago?  Where is our
> > fixed package?
> I think this is it: <http://www.ubuntu.com/usn/usn-2165-1>
> But unfortunately not for you - either it is not yet available for 10.04
> 0r it is considered a desktop component and will not be fixed at all
> because the 10.04 desktop is obsolete. Maybe you should compile if from
> the source code ...
> Nils

Well, as I read the CVE, the vulnerability started with 1.0.1, but my 
installed version is 0.9.8f or so.  Perhaps that version is not 

Seem like it would be prudent if someone from openssl could speak from a 
position of authority and put our minds at ease if indeed that is the case.

Just sayin.

Cheers, Gene
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
US V Castleman, SCOTUS, Mar 2014 is grounds for Impeaching SCOTUS

More information about the kubuntu-users mailing list