<p dir="ltr">Or just use 'rpm -qi openssl', which will give you better information about the actual package installed and what the build originated from. Ssh -V won't help you determine what patches have been backported. </p>
<p dir="ltr">--</p>
<p dir="ltr">Sent from a mobile device. Correct spelling and accurate use of grammar is unlikely to have occurred.</p>
<div class="gmail_quote">On 10/04/2014 4:48 pm, "Andy S." <<a href="mailto:ciscoarc7@gmail.com">ciscoarc7@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Also, for those need to check openssl version in F5, ssh to it and type<div><span style="font-size:15px"><br></span></div><div><span style="font-size:15px">ssh -V</span></div><div><span style="font-size:15px"><br></span></div>
<div><span style="font-size:15px">Cheers. <br></span><br>On Thursday, April 10, 2014, Andy S. <<a href="mailto:ciscoarc7@gmail.com" target="_blank">ciscoarc7@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I used Qualy SSL Labs test for our F5.<div><span style="font-size:15px"><br></span></div><div><span style="font-size:15px"><a href="https://www.ssllabs.com/ssltest" target="_blank">https://www.ssllabs.com/ssltest</a></span></div>
<div><br>
</div><div>Cheers.</div><div>Andy </div><div><br>On Thursday, April 10, 2014, Joshua D'Alton <<a>joshua@railgun.com.au</a>> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Another tool: <a href="https://ssltools.geotrust.com/checker/views/certCheck.jsp" target="_blank">https://ssltools.geotrust.com/checker/views/certCheck.jsp</a> though it seems to be being "ddosed" due to use.</div>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Apr 9, 2014 at 6:55 PM, Shain Singh <span dir="ltr"><<a>shain.singh@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
<br>
<br>
On 9 April 2014 05:48, Colin Stubbs<br>
<div><<a>colin.stubbs@equatetechnologies.com.au</a>> wrote:<br>
><br>
> Yeap, I can confirm that.<br>
><br>
> Note however,<br>
><br>
> 11.5's management interface is affected. That's the webGUI to config/manage<br>
> the box which runs Apache w/ OpenSSL.<br>
><br>
> SSL virtual hosts terminated by TMOS __are not__ affected, e.g. the<br>
> production services hosted by the F5.<br>
<br>
</div>Only if you are not using the COMPAT directive in your SSL profiles<br>
(which the majority of people won't).<br>
<div><br>
<br>
><br>
> Definitely doesn't affect 11.4 or below from the testing I've now done.<br>
><br>
> -Colin<br>
><br>
> On 8 April 2014 14:09, Mick O'Rourke <<a>mkorourke+ausnog@gmail.com</a>> wrote:<br>
>><br>
>> > F5 load balancers are vulnerable.<br>
>><br>
>> Apparently only 11.5.x versions of BIG IP.<br>
>><br>
>><br>
<br>
</div>The official release from F5<br>
<a href="http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html" target="_blank">http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html</a><br>
<br>
Disclaimer: I am an F5 employee.<br>
<br>
For security related alerts on F5, you can sign up here (you need to<br>
provide contact details besides email):<br>
<a href="https://interact.f5.com/technews.html" target="_blank">https://interact.f5.com/technews.html</a><br>
<span><font color="#888888"><br>
<br>
--<br>
Shaineel Singh<br>
e: <a>shain.singh@gmail.com</a><br>
p: <a href="tel:%2B61%20422%20921%20951" value="+61422921951" target="_blank">+61 422 921 951</a><br>
w: <a href="http://buffet.shainsingh.com" target="_blank">http://buffet.shainsingh.com</a><br>
<br>
--<br>
"Too many have dispensed with generosity to practice charity" - Albert Camus<br>
</font></span><div><div>_______________________________________________<br>
AusNOG mailing list<br>
<a>AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
</div></div></blockquote></div><br></div>
</blockquote></div>
</blockquote></div>
<br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div>