Erik Berlin · Apr 8, 2014 · 2:03 PM UTC

Erik Berlin

Erik Berlin

@sferik

8 Apr 2014

To check the version of OpenSSL Ruby was built with: ruby -r openssl -e 'puts OpenSSL::OPENSSL_VERSION' Anything below 1.0.1g is vulnerable.

Aaron Parecki · Apr 8, 2014 · 10:06 PM UTC

Aaron Parecki @aaronpk

8 Apr 2014

@JamesChevalier @sferik Thanks but on Ubuntu `openssl version` always says "OpenSSL 1.0.1 14 Mar 2012"... #heartbleed aaron.pk/r4VU2

@JamesChevalier @sferik Thanks but on Ubuntu `openssl version` ...

@JamesChevalier @sferik Thanks but on Ubuntu `openssl version` always says "OpenSSL 1.0.1 14 Mar 2012" even for the correctly patched version. #heartbleed

aaronparecki.com

Erik Berlin · Apr 8, 2014 · 10:20 PM UTC

Erik Berlin

@sferik

8 Apr 2014

@aaronpk @JamesChevalier Wow. That’s horrible.

Aaron Parecki · Apr 8, 2014 · 11:57 PM UTC

Aaron Parecki · Apr 8, 2014 · 11:57 PM UTC

Aaron Parecki @aaronpk

8 Apr 2014

Replying to @sferik

@sferik Yep. I managed to track it down tho: aaronparecki.com/articles/20… #heartbleed (aaron.pk/r4VU4)

@sferik Yep. I managed to track it down tho:

@sferik Yep. I managed to track it down tho: #heartbleed

aaronparecki.com

Apr 8, 2014 · 11:57 PM UTC