New package openssl-1.0.1e-16.el6_5.7 has been released earlier today that fixes critical security issue
CVE-2014-0160 , details could be found here:
https://rhn.redhat.com/errata/RHSA-2014-0376.html
http://lists.centos.org/pipermail/centos-announce/2014-April/020249.html
To update it immediately please do the following:
# yum clean all
# yum update openssl
# cagefsctl --force-update
# /etc/init.d/httpd stop
# /etc/init.d/httpd start
If you are using LiteSpeed you would need to update it to 4.2.9 , related blog post: http://blog.litespeedtech.com/2014/04/08/litespeed-security-patch-to-fix-heartbleed-bug-in-openssl/
发表于 2014-4-10 02:18:57