Jump to content
XPEnology Community

DSM 5 affected by OpenSSL bug


mactron

Recommended Posts

Yes, but popular 'good' sites, like YouTube, Facebook, Apple, ect are not affected.

I was planning to do an upgrade to DSM5.1 and this doesn't stop me from doing that.

Now I use an http connection which isn't encrypted at all, no problems so far.

 

I think there will maybe be an update soon (DSM5.2 or so?) which will probably fix the 'bug'.

Link to comment
Share on other sites

interestingly, I have applied the fix which supposed to fix the openssl bug.

After upgrade and restart, when I type openssl version.. it shows:-

 

openssl version

OpenSSL 0.9.8v 19 Apr 2012

 

Affected Products:

OpenSSL 1.0.1 through 1.0.1f (inclusive)

Vendor products with OpenSSL embedded (vendors will be publishing security advisories with patch releases as the week progresses)

 

Non-Affected Products:

OpenSSL 1.0.1g, 1.0.0 branch and 0.9.8 branch

 

So you are fine.

Link to comment
Share on other sites

interestingly, I have applied the fix which supposed to fix the openssl bug.

After upgrade and restart, when I type openssl version.. it shows:-

 

openssl version

OpenSSL 0.9.8v 19 Apr 2012

 

I have just updated and it is showing the version as "OpenSSL 1.0.1g-fips 7 Apr 2014"

 

setch

Link to comment
Share on other sites

interestingly, I have applied the fix which supposed to fix the openssl bug.

After upgrade and restart, when I type openssl version.. it shows:-

 

openssl version

OpenSSL 0.9.8v 19 Apr 2012

 

I have just updated and it is showing the version as "OpenSSL 1.0.1g-fips 7 Apr 2014"

 

setch

 

Did you setup it by IPKG? IPKG openSSL version is 0.9.8v-2.

Link to comment
Share on other sites

×
×
  • Create New...