NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ROS 6, OpenSSL, and package updates?
No sooner do I read this evening that Fedora and others a re quickly working to get OpenSSL 1.0.1e out to fix the latest TLS bug that I log into my 516 to see what version it's running. Oh my, 1.0.1e....
OpenSSL 1.0.1e is over a year old. It does not fix the latest TLS bug reported today (CVE-2014-0160, aka "Heartbleed"). All versions of OpenSSL 1.0.1 before 1.0.1g are vulnerable, as are the 1.0.2 betas up to and including 1.0.2-beta1.
The 1.0.0 and 0.9.8 branches are NOT affected, although of course they have other vulnerabilities and non-security bugs that have been fixed in the later versions.
ReadyNAS devices running OS4 are unaffected by the new bug; they're running 0.9.8o at best. I don't know what version of OpenSSL is running on the OS5 devices.
The 1.0.0 and 0.9.8 branches are NOT affected, although of course they have other vulnerabilities and non-security bugs that have been fixed in the later versions.
ReadyNAS devices running OS4 are unaffected by the new bug; they're running 0.9.8o at best. I don't know what version of OpenSSL is running on the OS5 devices.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
