similar to: Impact of CVE-2014-0160?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Earlier in the day today, we were made aware of a serious issue in openssl as shipped in CentOS-6.5 ( including updates issued since CentOS-6.5 was released ); This issue is addressed in detail at http://heartbleed.com/ Upstream have not released a patched version of openssl, although we are reliably informed that there is quite a bit of effort

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Earlier in the day today, we were made aware of a serious issue in openssl as shipped in CentOS-6.5 ( including updates issued since CentOS-6.5 was released ); This issue is addressed in detail at http://heartbleed.com/ Upstream have not released a patched version of openssl, although we are reliably informed that there is quite a bit of effort

Hi, I've got a problem that sounds a lot like this, http://r.789695.n4.nabble.com/Re-R-R-2-12-0-hangs-while-loading-RGtk2-on-FreeBSD-td3005929.html under windoze 7. but it seems to hang with this stack trace, #0? 0x77830190 in ntdll!LdrFindResource_U () ?? from /cygdrive/c/Windows/system32/ntdll.dll building goes as follows, $ ./R CMD INSTALL --no-test-load nlme_3.1-97.tar.gz *

>From this change (res_rtp_asterisk): ast 13.10 to 13.11 webrtc JSSIP stop working, failing with chan_sip.c:4083 retrans_pkt: Hanging up call 7238b48c11581d4166b899bf747a05f7 at 130.211.62.184:0 - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions). is there any way to configure to have the previous behaviour? Im trying to set

Dear R-devel: The Cluster administrators at KU got enthusiastic about testing R-3.2.2 with Intel MKL when I asked for some BLAS integration. Below I forward a performance report, which is encouraging, and thought you would like to know the numbers. Appears to my untrained eye there are some extraordinary speedups on Cholesky decomposition, determinants, and matrix inversion. They had

Hi Is there known advices on how to favor PFS with dovecot? In Apache, I use the following directives, with cause all modern browsers to adopt 256 bit PFS ciphers, while keeping backward compatibility with older browsers and avoiding BEAST attack: SSLProtocol all -SSLv2 SSLHonorCipherOrder On SSLCipherSuite ECDHE at STRENGTH:ECDH at STRENGTH:DH at STRENGTH:HIGH:-SSLv3-SHA1:-TLSv10

After reading about the 2 major SSL (and TLS?) weaknesses discovered this year, I was wondering how it affects asterisk. Does the SIP authentication use TLS - or something that was recently broken? Is there a risk of exposing passwords? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL:

For even more information about "Heartbleed". -Connie Sieh ---------- Forwarded message ---------- Date: Wed, 9 Apr 2014 12:27:54 -0500 From: The SANS Institute <NewsBites at sans.org> Subject: FLASH NewsBites - Heartbleed Open SSL Vulnerability FLASH NewsBites - Heartbleed Open SSL Vulnerability FLASH NewsBites are issued only when a security event demands global and immediate

Dear all, I tried to do a backport of 'ssl_prefer_server_ciphers' (http://hg.dovecot.org/dovecot-2.2/rev/897484f45a87/) to Dovecot 2.1 (namely the Debian version of Dovecot) and wanted to ask if there is any chance to integrate this feature into Dovecot 2.1 'upstream' as well. As the code structure changed quite a bit, I am not sure if my patch is complete. I tested it with pop3s

Hello, I'm cross posting this from the OpenSwan mailing list, in case someone here can help. We have two sites connected via OpenSwan 2.6.32-9 on CentOS 5, sharing 6 /24 subnets each (so 12 in total). The problem we're having is completely randomly, be it in the middle of the day, or in the middle of the night (so I don't believe it's traffic related), certain (and sometimes

"May you live in interesting times" Is this a curse or a blessing? :) I've just tested a 3.1.5 GlusterFS native client against a 3.1.3 storage pool using this volume: Volume Name: pfs-rw1 Type: Distributed-Replicate Status: Started Number of Bricks: 2 x 2 = 4 Transport-type: tcp Bricks: Brick1: jc1letgfs16-pfs1:/export/read-write/g01 Brick2: jc1letgfs13-pfs1:/export/read-write/g01

hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24, a dyn IP via a DSL

Do we know if dovecot is vulnerable to the heartbleed SSL problem? I'm running dovecot-2.0.9 and openssl-1.01, the latter being intrinsically vulnerable. An on-line tool says that my machine is not affected on port 993 but it would be nice to know for sure if we were vulnerable for a while. (Naturally I've blocked it anyway!). Thanks John

On Sun, January 11, 2015 7:29 pm, Keith Keller wrote: > On 2015-01-12, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: >> >> PS I guess I just mention it. I'm quite happy about CentOS (or RedHat if >> I >> look back). One day I realized how happy I am that I chose RedHat way >> back, - that was when all Debian (and its clones like Ubuntu,...) admins

On 04/04/2016 12:11 PM, Jussi Hirvi wrote: > This made me google around a little, and I found some good info here. > They, too, kind of recommend openvpn. > http://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/ > This is not good information. In brief: "There are some concerns that the NSA could have weakened the standard,

Hi Paul, We've been through this process ourselves for the Revolution R Open project. There are a number of pitfalls to avoid, but you can take a look at how we achieved it in the build scripts at: https://github.com/RevolutionAnalytics/RRO There are also some very useful notes in the R Installation guide: https://cran.r-project.org/doc/manuals/r-release/R-admin.html#BLAS Most packages do

Hello, I've seen this issue before, running a imap/smtp/database server on localhost and adding in a webmail interface, in this case Roundcube. In my maillog I'm seeing accessive Dovecot connections and logouts just from my own transaction of logging in, going to compose a message, sending, and logging out. I'm using Mysql as database backend and was wondering if there was something

Kostya, I took a quick stab at patching libFuzzer for Apple, but so far I'm thinking something else is incorrect. Patch is attached but when I went to reproduce the examples, the toy example went fine, but with PCRE and Heartbleed I noticed the coverage statistics were pretty poor, and didn't find anything. Admittedly I moved onto Heartbleed pretty quickly so PCRE probably isn't the

On Mon, Feb 2, 2015 at 8:02 PM, Kahlil Hodgson <kahlil.hodgson at dealmax.com.au> wrote: > On 3 February 2015 at 13:34, PatrickD Garvey <patrickdgarveyt at gmail.com> wrote: >> Now how about some specific sources you personally used to learn your >> craft that we can use likewise? > > So many places it makes my brain hurt just thinking about it. Google > and

On Sun, January 11, 2015 5:16 pm, Keith Keller wrote: > On 2015-01-11, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: >> >> Indeed. Or another system altogether (sihg). I'm just extending your >> thought half a step farther ;-) > > Or going even farther, if you like CentOS but not systemd, do the work > to get CentOS working without it. Unhappy Debian