Heads-Up! Serious OpenSSL vulernability!

[theRKF]

http://heartbleed.com/

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

This isn't directly a LiteSpeed issue, but it probably affects almost every server that LiteSpeed is installed on, so I thought this would be helpful to post here.

 

[mistwang]

4.2.9 has been released to address this.

 

[Michael]

Yup. The most important addition to this thread would be:

Fix this issue by upgrading to 4.2.9.
Run /usr/local/lsws/admin/misc/lsup.sh -f -v 4.2.9

Michael