Hi,
There has been some recent discussion among the security folk on Reddit and other sites regarding the recent OpenSSL vulnerability here:
Source #1:
http://www.openssl.org/news/secadv_20120419.txt
Source #2:
http://lists.grok.org.uk/pipermail/full ... 86585.html
Source #3:
http://www.reddit.com/r/netsec/comments ... d_lead_to/
Summary: [Full-disclosure] incorrect integer conversions in OpenSSL can result in memory corruption.
Affected Software:
All versions of OpenSSL on all platforms up to and including version 1.0.1 are
affected.
A quick look at the latest DSM I am running (DSM 4.0-2219) reports the following version of OpenSSL:
Apache httpd 2.2.22 ((Unix) mod_ssl/2.2.22 OpenSSL/1.0.0h
Synology security team, kindly look into this matter as I know mod_ssl may also be vulnerable to this memory corruption. Thanks a lot for your efforts and keeping us safe!
OpenSSL Security Vulnerability??
Forum rules
This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
This is a user forum for Synology users to share experience/help out each other: if you need direct assistance from the Synology technical support team, please use the following form:
https://myds.synology.com/support/suppo ... p?lang=enu
1 post
• Page 1 of 1
OpenSSL Security Vulnerability??
by FiddaDidda » Thu Apr 19, 2012 7:47 pm
- FiddaDidda
- I'm New!
- Posts: 3
- Joined: Tue Mar 06, 2012 10:33 pm
1 post
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 3 guests