An announcement you won't want to miss

 
Information regarding News & Annoucement from YISolutions
 
This section contains Latest News & Announcements made by YISolutions
 

 
Latets News / New Services / Products
 
April 10, 2014
 
  OpenSSL Vulnerability Security Alert
 
OpenSSL released a security report on 9 April 2014 that there is a vulnerability with OpenSSL.

“There was a devastating security flaw in the OpenSSL implementation of the SSL / TLS protocol (CVE-2014-0160), known as the heartbleed vulnerability. The heartbleed is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

What versions of the OpenSSL are affected?

Status of different versions:

OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
OpenSSL 1.0.1g is NOT vulnerable
OpenSSL 1.0.0 branch is NOT vulnerable
OpenSSL 0.9.8 branch is NOT vulnerable

Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.”

For more information, you may refer to heartbleed.com.

For our cloud powered hosting servers, we are currently patching up our server which customer does not have to do anything.

Other than cloud powered shared hosting, we encourage, you to change your password, both on our website as well as any others that you use, as many services have been affected.

For VPS/Dedicated/Co-location customer, please take action to patch up your server. If you are not sure if your server is affected by this bug, there are two methods to check.

The first method would be use this link > https://www.ssllabs.com/ssltest/

The second method would be:

- SSH into your server
- Run the following command: “openssl version -a” (without quotes)
- If the result shows “OpenSSL 1.0.1e 11 Feb 2013” and a Build earlier than 8th April 2014, then your server might be vulnerable.

To fix the vulnerability, kindly run the command “yum update” and install the fix.

If you have cPanel installed, the latest version for OpenSSL is 1.0.1e with Build 8th April 2014.

Once you have installed the fix, kindly do a reboot on the server.









Quick Links

My-Ads.biz
RegPakistan 1st Internet Advertising & Social Media Marketing company.
Click Here for details

 

Register a Domain
Register your .com,
.net & .org domains for $12
Click Here for details

 

Start Your Business
Get more ideas to start & promote your business. Read more articles of Yousuf Idris Click Here for details

 

Windows Hosting
Windows Hositng with Free Domain Registration is only Rs/- 1,400 yearly .
Click Here for details

 

Unlimited Hosting
Unlimited Linux & Windows Web Hosting with Free Domain Registraiton is only rs. 833/m.
Click Here for details

 

Inspirational Quotes
The quotes in each of the categories are some of my personal favorites that I've collected over the years.
I hope you enjoy them as much as I do.
Click Here


 

© Copyright 2013 YI.SG All rights reserved.