dhis2-devs team mailing list archive

Thread
Date

Re: openssl vulnerability

To: dhis2-devs <dhis2-devs@xxxxxxxxxxxxxxxxxxx>, dhis2-users <dhis2-users@xxxxxxxxxxxxxxxxxxx>
From: Bob Jolliffe <bobjolliffe@xxxxxxxxx>
Date: Wed, 9 Apr 2014 12:24:43 +0100
In-reply-to: <CACd=f9eENO79YHvzi1ShtXiAMPor73+gxMaJktOSvRY_mwYyeQ@mail.gmail.com>

Clarification: this message is for server administrators rather than all
dhis2 users.


On 9 April 2014 12:23, Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:

> Some of you may have seen the news regarding a serious vulnerability in
> openssl.
>
> Please check your systems using http://filippo.io/Heartbleed/ .
>
> If you are vulnerable (likely!) then you should ensure that you have
> updated your openssl package.  you may also need to restart nginx.
>
> This blog with Ubuntu instructions can help:
>
> http://blog.matthewdfuller.com/2014/04/how-to-fix-openssl-heart-bleed-bug-on.html
>
> There are other measures to consider for highly sensitive systems, but at
> least you should be doing the above.
>
> Regards
> Bob
>

References

openssl vulnerability
From: Bob Jolliffe, 2014-04-09