Когда я иду бегать:
root@vps [~]# yum update -y openssl
Я получил:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.beyondhosting.net
* extras: centos.mirror.nac.net
* updates: centos.netnitco.net
Setting up Update Process
No Packages marked for Update
А если я побегу:
root@vps [~]# yum info openssl
Я понимаю, что это не последняя версия OpenSSL и уязвима для heartbleed:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.beyondhosting.net
* extras: centos.mirror.nac.net
* updates: centos.netnitco.net
Installed Packages
Name : openssl
Arch : x86_64
Version : 1.0.1e
Release : 16.el6_5.7
Size : 4.0 M
Repo : installed
From repo : updates
Summary : A general purpose cryptography library with TLS implementation
URL : http://www.openssl.org/
License : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
: between machines. OpenSSL includes a certificate management tool
: and shared libraries which provide various cryptographic
: algorithms and protocols.
Available Packages
Name : openssl
Arch : i686
Version : 1.0.1e
Release : 16.el6_5.7
Size : 1.5 M
Repo : updates
Summary : A general purpose cryptography library with TLS implementation
URL : http://www.openssl.org/
License : OpenSSL
Description : The OpenSSL toolkit provides support for secure communications
: between machines. OpenSSL includes a certificate management tool
: and shared libraries which provide various cryptographic
: algorithms and protocols.
Или эта версия 1.0.1e по какой-то причине не уязвима для Heartbleed?
16.el6_5.7 это исправленная версия с исправлением (см. информация о пакете на сайте Scientific Linux).