maria-discuss team mailing list archive

Thread
Date

Re: Heartbleed (OpenSSL) -bug and MariaDB

To: Reindl Harald <h.reindl@xxxxxxxxxxxxx>
From: Peter Laursen <peter_laursen@xxxxxxxxxx>
Date: Wed, 9 Apr 2014 15:31:37 +0200
Cc: Maria Discuss <maria-discuss@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <53454A45.5080404@thelounge.net>

I think at least on Windows OpenSSL is statically linked? If so, all
available versions have an afftected OpenSLL inside.

-- Peter


On Wed, Apr 9, 2014 at 3:25 PM, Reindl Harald <h.reindl@xxxxxxxxxxxxx>wrote:

>
>
> Am 09.04.2014 15:21, schrieb Peter Laursen:
> > A far as I understand MariaDB uses OpenSSL (unlike Oracle-MySQL that
> uses YaSSL).
> >
> > Now what about the heartbleed bug: http://heartbleed.com/
> >
> > Will all still suported MariaDB versions (5.1, 5.2, 5.3, 5.5 and 10.0
> are all still suported I think?) need a
> > release for this bug in OpenSSL?
>
> why should they?
>
> update openssl and restart all daemons which are linking the library
> and consider replace your certificates / private keys if a service
> using openssl was reachable from the internet
>
> that's the idea behind shared libraries
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~maria-discuss
> Post to     : maria-discuss@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~maria-discuss
> More help   : https://help.launchpad.net/ListHelp
>
>

Follow ups

Re: Heartbleed (OpenSSL) -bug and MariaDB
From: Sergei Golubchik, 2014-04-10
Re: Heartbleed (OpenSSL) -bug and MariaDB
From: Peter Laursen, 2014-04-10

References

Heartbleed (OpenSSL) -bug and MariaDB
From: Peter Laursen, 2014-04-09
Re: Heartbleed (OpenSSL) -bug and MariaDB
From: Reindl Harald, 2014-04-09