Difference between revisions of "Live GIS Disc Press Release 49"

From OSGeo
Jump to navigation Jump to search
(Created page with "= OSGeo-Live and Heartbleed vulnerability= 14 April 2014 The [http://heartbleed.com/ Heartbleed Bug], which is a vulnerability in OpenSSL is also applicable for a number of the...")
 
Line 3: Line 3:
 
14 April 2014
 
14 April 2014
  
The [http://heartbleed.com/ Heartbleed Bug], which is a vulnerability in OpenSSL is also applicable for a number of the OSGeo live releases.
+
The [http://heartbleed.com/ Heartbleed Bug], (what is HeartBleed), (how much does it affect the OSGeo Live apps, and how)
OSGeo-Live is designed for demonstrating OSGeo software rather than being used for setting up hardened production servers, and as such shouldn't be used as a base system for storing sensitive data.
 
  
Even so, we do recommend anyone who has installed OSGeo-Live should patch the system.
+
(OSGeoLive disclaimer regarding production setup)
 +
 
 +
(recommendation to OSGeo Live install users)
  
 
==OSGeo-Live releases effected include==
 
==OSGeo-Live releases effected include==
Line 17: Line 18:
 
== How to Fix ==
 
== How to Fix ==
 
The following commands run from the command line will address the patch:
 
The following commands run from the command line will address the patch:
 
  sudo apt-get install libssl1.0.0
 

Revision as of 07:17, 13 April 2014

OSGeo-Live and Heartbleed vulnerability

14 April 2014

The Heartbleed Bug, (what is HeartBleed), (how much does it affect the OSGeo Live apps, and how)

(OSGeoLive disclaimer regarding production setup)

(recommendation to OSGeo Live install users)

OSGeo-Live releases effected include

OSGeo-Live releases based on Ubuntu 12.04 are effected. This includes versions:

  • 6.0
  • 6.5
  • 7.0
  • 7.9

How to Fix

The following commands run from the command line will address the patch:

Retrieved from "http://wiki.osgeo.org/w/index.php?title=Live_GIS_Disc_Press_Release_49&oldid=77618"