Heart Bleed - Apache Cloud Stack - open ssl

[Prakash Rao Banuka <pr...@simplifydc.com>]

Hi:

It is learnt that openssl library is being called when console of system vms (secondarystorage , console proxy vm and router vm) is launched.

Is it mandatory to update openssl library in Apache Cloud Stack? If yes, is there any official document.

Thank you
Prakash

Re: Heart Bleed - Apache Cloud Stack - open ssl

[David Bierce <da...@appcore.com>]

That blog posted mentions new templates being created for previous versions of Cloudstack.  The post implies a few days and it has now been a month.  Have new templates been created and the blog post hasn’t been updated or are those still pending release?




On May 6, 2014, at 8:18 AM, David Nalley <da...@gnsa.us> wrote:

> Hi Prakash:
> 
> You might want to check out:
> https://blogs.apache.org/cloudstack/entry/how_to_mitigate_openssl_heartbleed
> 
> 
> On Mon, May 5, 2014 at 1:48 PM, Prakash Rao Banuka <prakash.b@simplifydc.com
>> wrote:
> 
>> Hi:
>> 
>> It is learnt that openssl library is being called when console of system
>> vms (secondarystorage , console proxy vm and router vm) is launched.
>> 
>> Is it mandatory to update openssl library in Apache Cloud Stack? If yes,
>> is there any official document.
>> 
>> Thank you
>> Prakash
>> 
>> 
>> 

Re: Heart Bleed - Apache Cloud Stack - open ssl

[David Nalley <da...@gnsa.us>]

Hi Prakash:

You might want to check out:
https://blogs.apache.org/cloudstack/entry/how_to_mitigate_openssl_heartbleed


On Mon, May 5, 2014 at 1:48 PM, Prakash Rao Banuka <prakash.b@simplifydc.com
> wrote:

> Hi:
>
> It is learnt that openssl library is being called when console of system
> vms (secondarystorage , console proxy vm and router vm) is launched.
>
> Is it mandatory to update openssl library in Apache Cloud Stack? If yes,
> is there any official document.
>
> Thank you
> Prakash
>
>
>