Fedora, Redhat and Centos so far are all effected by a update to openssl.
As the update is done due to CVE exploits, we need patches quickly please.
For Fedora 11, its openssl-0.9.8k-5 to openssl-0.9.8n1
Other OS please list them here so we can got them fixed.
Can future binaries not be hard coded to specific versions, as this leads to disaster!
There seems to be a few - one is psa-proftpd:
Mar 27 23:37:38 server proftpd[21498]: mod_tls/2.4.1: compiled using OpenSSL version 'OpenSSL 0.9.8k-fips 25 Mar 2009' headers, but linked to OpenSSL version 'OpenSSL 0.9.8n-fips 24 Mar 2010' library
Also if you disable tls proftpd comes up but panel is still dead:
/var/log/sw-cp-server/error_log, which is practically useless says:
2010-03-27 06:04:06: (log.c.75) server started
2010-03-27 06:04:06: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:04:06: (log.c.75) server started
2010-03-27 06:04:06: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:06:02: (log.c.75) server started
2010-03-27 06:06:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:06:02: (log.c.75) server started
2010-03-27 06:06:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:08:02: (log.c.75) server started
2010-03-27 06:08:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:08:02: (log.c.75) server started
2010-03-27 06:08:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
As the update is done due to CVE exploits, we need patches quickly please.
For Fedora 11, its openssl-0.9.8k-5 to openssl-0.9.8n1
Other OS please list them here so we can got them fixed.
Can future binaries not be hard coded to specific versions, as this leads to disaster!
There seems to be a few - one is psa-proftpd:
Mar 27 23:37:38 server proftpd[21498]: mod_tls/2.4.1: compiled using OpenSSL version 'OpenSSL 0.9.8k-fips 25 Mar 2009' headers, but linked to OpenSSL version 'OpenSSL 0.9.8n-fips 24 Mar 2010' library
Also if you disable tls proftpd comes up but panel is still dead:
/var/log/sw-cp-server/error_log, which is practically useless says:
2010-03-27 06:04:06: (log.c.75) server started
2010-03-27 06:04:06: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:04:06: (log.c.75) server started
2010-03-27 06:04:06: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:06:02: (log.c.75) server started
2010-03-27 06:06:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:06:02: (log.c.75) server started
2010-03-27 06:06:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:08:02: (log.c.75) server started
2010-03-27 06:08:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)
2010-03-27 06:08:02: (log.c.75) server started
2010-03-27 06:08:02: (network.c.336) SSL: error:00000000:lib(0):func(0):reason(0)