Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: Statement on Heartbleed and the openSUSE Forums

  1. #1
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,317

    Default Statement on Heartbleed and the openSUSE Forums

    From Attachmate's IS&T:

    --- snip ---

    Statement Regarding Heartbleed Vulnerability:

    We have received several inquiries regarding our site's susceptibility to
    the recently discovered OpenSSL vulnerability.

    For the vast majority NetIQ, Novell, and SUSE customer facing sites, we
    use an ADC to terminate SSL connections. This appliance uses a hardware
    based cryptography module that does not use OpenSSL. In addition, the
    vast majority of our internal servers run SUSE Linux Enterprise, which
    does not use any affected versions of OpenSSL. To be safe, we have tested
    a number of our sites since the beginning of the week, using the
    heartbleed script and through the excellent SSL Labs service (https://
    www.ssllabs.com). These tests have not revealed any problems with our SSL
    implementation.

    Regards,

    The Attachmate Group IS&T

    --- snip ---

    (Also posted at the top of the forums page on the web side)

    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  2. #2
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On 2014-04-11 06:36, Jim Henderson wrote:
    > From Attachmate's IS&T:
    >
    > --- snip ---


    Thanks.

    Is there a link to the full post, not a snip? :-?


    > (Also posted at the top of the forums page on the web side)


    Sorry, no, I don't see any such thing. Has it been removed? Or do I need
    to login to see it?

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 13.1 x86_64 "Bottle" at Telcontar)

  3. #3
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    32,320
    Blog Entries
    15

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On Fri 11 Apr 2014 01:43:16 PM CDT, Carlos E. R. wrote:

    On 2014-04-11 06:36, Jim Henderson wrote:
    > From Attachmate's IS&T:
    >
    > --- snip ---


    Thanks.

    Is there a link to the full post, not a snip? :-?


    > (Also posted at the top of the forums page on the web side)


    Sorry, no, I don't see any such thing. Has it been removed? Or do I need
    to login to see it?

    Hi
    You need to login.

    --
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    openSUSE 13.1 (Bottle) (x86_64) GNOME 3.10.1 Kernel 3.11.10-7-desktop
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!


  4. #4
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,317

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On Fri, 11 Apr 2014 13:43:16 +0000, Carlos E. R. wrote:

    > On 2014-04-11 06:36, Jim Henderson wrote:
    >> From Attachmate's IS&T:
    >>
    >> --- snip ---

    >
    > Thanks.
    >
    > Is there a link to the full post, not a snip? :-?


    That is the full text.

    >> (Also posted at the top of the forums page on the web side)

    >
    > Sorry, no, I don't see any such thing. Has it been removed? Or do I need
    > to login to see it?


    You need to browse into one of the forums - it's not on the front page.
    I don't think a login is needed.

    Jim



    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  5. #5
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On 2014-04-11 16:26, malcolmlewis wrote:

    > Hi
    > You need to login.


    Oh.

    But you see, why login on a site you suspect is affected by the security
    bug, to learn out if it is affected or not?

    That's contradictory :-)

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 13.1 x86_64 "Bottle" at Telcontar)

  6. #6
    Join Date
    Jun 2008
    Location
    Podunk
    Posts
    32,320
    Blog Entries
    15

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On Fri 11 Apr 2014 04:48:05 PM CDT, Carlos E. R. wrote:

    On 2014-04-11 16:26, malcolmlewis wrote:

    > Hi
    > You need to login.


    Oh.

    But you see, why login on a site you suspect is affected by the security
    bug, to learn out if it is affected or not?

    That's contradictory :-)

    Hi
    Hmm, well you have a conundrum then....

    --
    Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
    openSUSE 13.1 (Bottle) (x86_64) GNOME 3.10.1 Kernel 3.11.10-7-desktop
    If you find this post helpful and are logged into the web interface,
    please show your appreciation and click on the star below... Thanks!


  7. #7
    Join Date
    Jun 2008
    Location
    Kansas City Area, Missouri, USA
    Posts
    7,236

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On 04/11/2014 12:16 PM, malcolmlewis wrote:
    >
    > On Fri 11 Apr 2014 04:48:05 PM CDT, Carlos E. R. wrote:
    >
    > On 2014-04-11 16:26, malcolmlewis wrote:
    >
    >> Hi
    >> You need to login.

    >
    > Oh.
    >
    > But you see, why login on a site you suspect is affected by the security
    > bug, to learn out if it is affected or not?
    >
    > That's contradictory :-)
    >
    >
    >
    > Hi
    > Hmm, well you have a conundrum then....


    Logging onto the site is not the safe way to check it. Use
    https://www.ssllabs.com/ssltest/index.html, or one of the other similar sites,
    to test the site. Whether it passes or fails, change the password, but do
    nothing else if it fails. Once the site is fixed, then do another password change.


  8. #8
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On 2014-04-11 18:27, Jim Henderson wrote:
    > On Fri, 11 Apr 2014 13:43:16 +0000, Carlos E. R. wrote:



    >> Sorry, no, I don't see any such thing. Has it been removed? Or do I need
    >> to login to see it?

    >
    > You need to browse into one of the forums - it's not on the front page.


    I tried.

    > I don't think a login is needed.


    Yes, it is... :-o

    --
    Cheers / Saludos,

    Carlos E. R.
    (from 13.1 x86_64 "Bottle" at Telcontar)

  9. #9
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,317

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On Fri, 11 Apr 2014 16:48:05 +0000, Carlos E. R. wrote:

    > On 2014-04-11 16:26, malcolmlewis wrote:
    >
    >> Hi You need to login.

    >
    > Oh.
    >
    > But you see, why login on a site you suspect is affected by the security
    > bug, to learn out if it is affected or not?
    >
    > That's contradictory :-)


    I've passed this feedback along and asked for it to be displayed pre-login
    instead.

    Jim



    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

  10. #10
    Join Date
    Jul 2008
    Location
    Seattle, WA
    Posts
    17,317

    Default Re: Statement on Heartbleed and the openSUSE Forums

    On Fri, 11 Apr 2014 17:53:16 +0000, Carlos E. R. wrote:

    > On 2014-04-11 18:27, Jim Henderson wrote:
    >> On Fri, 11 Apr 2014 13:43:16 +0000, Carlos E. R. wrote:

    >
    >
    >>> Sorry, no, I don't see any such thing. Has it been removed? Or do I
    >>> need to login to see it?

    >>
    >> You need to browse into one of the forums - it's not on the front page.

    >
    > I tried.
    >
    >> I don't think a login is needed.

    >
    > Yes, it is... :-o


    Not any more.

    Jim



    --
    Jim Henderson
    openSUSE Forums Administrator
    Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •