From: | Magnus Hagander <magnus(at)hagander(dot)net> |
---|---|
To: | Dev Kumkar <devdas(dot)kumkar(at)gmail(dot)com> |
Cc: | Stephen Frost <sfrost(at)snowman(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Boszormenyi Zoltan <zboszor(at)pr(dot)hu>, Tony Theodore <tonyt(at)logyst(dot)com>, "pgsql-general(at)postgresql(dot)org" <pgsql-general(at)postgresql(dot)org> |
Subject: | Re: Heartbleed Impact |
Date: | 2014-06-05 17:33:38 |
Message-ID: | CABUevEyaZX6Ck-RiJngFtqKLLtOBPt2So-uofdh7v0v34Oe+Kg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
On Thu, Jun 5, 2014 at 7:30 PM, Dev Kumkar <devdas(dot)kumkar(at)gmail(dot)com> wrote:
>
> On Wed, Apr 16, 2014 at 9:08 PM, Dev Kumkar <devdas(dot)kumkar(at)gmail(dot)com>
> wrote:
>
>> On Wed, Apr 16, 2014 at 7:50 PM, Stephen Frost <sfrost(at)snowman(dot)net>
>> wrote:
>>
>>> * Dev Kumkar (devdas(dot)kumkar(at)gmail(dot)com) wrote:
>>> > I just downloaded the latest binaries from EnterpriseDB and when
>>> checked
>>> > with libssl.so.1.0.0 can see this:
>>> > OpenSSL 1.0.1g 7 Apr 2014
>>> >
>>> > OpenSSL 1.0.1g is the patched version.
>>>
>>> Yes, checked w/ them and they say it's all patched..
>>>
>>> > Awaiting confirmation and also please let know if there is certain
>>> NOTE or
>>> > link which talks about this fix from EnterpriseDB side.
>>>
>>> There's a note on the 'installers' page here:
>>> http://www.enterprisedb.com/products-services-training/pgdownload
>>>
>>> I believe they're going to add a note to the other page too.
>>>
>>> Thanks,
>>>
>>> Stephen
>>>
>>
>> Thanks for the confirmation. Yup checked the NOTE on 'installers' page
>> and a note on binary page will really help.
>>
>> Regards...
>>
>
> Hello Guys,
>
> For postgreSQL, is there any OpenSSL fix coming up for this issue:
> http://www.zdnet.com/openssl-fixes-another-severe-vulnerability-7000030253/
>
> Currently in PostgreSQL 9.4.3 the version is as follows: OpenSSL 1.0.1g 7
> Apr 2014
>
> As per the above link, fixed OpenSSL version would be 1.0.1h
>
> Looking forward for some comments here.
>
>
Hi!
The guys at EnterpriseDB are busy building new installers as we speak, I
would expect them to be out tomorrow or so.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
From | Date | Subject | |
---|---|---|---|
Next Message | Sébastien Lorion | 2014-06-05 18:09:50 | Re: Merge a sharded master into a single read-only slave |
Previous Message | Dev Kumkar | 2014-06-05 17:30:05 | Re: Heartbleed Impact |