New OpenSSL vulnerability, directly impacting Nginx

The big guns already formed a fund coalition for OpenSSL: Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm and VMWare. Each company will donate $100,000/year for 3 years. Apple decided is not important to participate... :rolleyes::rolleyes::rolleyes: I can't stand this company.
 
Floren said:
The big guns already formed a fund coalition for OpenSSL: Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm and VMWare. Each company will donate $100,000/year for 3 years. Apple decided is not important to participate... :rolleyes::rolleyes::rolleyes: I can't stand this company.
Click to expand...

Maybe they figured 1.3 million a year is enough?
 
For CentminMod users:

Code: 
step 1. run command to patch OpenSSL 1.0.1g source for Nginx usage

curl -sL https://gist.github.com/centminmod/7e0a38b394d5d2f8fc7a/raw/releasebuffer.sh | bash

step 2. Set OPENSSL_VERSION='1.0.1g' version set in centmin.sh

step 3. Run centmin.sh menu option #4 recompile Nginx. When prompted if you want to recompile OpenSSL - select YES
 
Floren said:
The big guns already formed a fund coalition for OpenSSL: Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm and VMWare. Each company will donate $100,000/year for 3 years. Apple decided is not important to participate... :rolleyes::rolleyes::rolleyes: I can't stand this company.
Click to expand...
I think Apple deprecated the use of OpenSSL a few years back (at least, that's the impression I got from WWDC).
 
BamaStangGuy said:
For CentminMod users:

Code: 
step 1. run command to patch OpenSSL 1.0.1g source for Nginx usage

curl -sL https://gist.github.com/centminmod/7e0a38b394d5d2f8fc7a/raw/releasebuffer.sh | bash

step 2. Set OPENSSL_VERSION='1.0.1g' version set in centmin.sh

step 3. Run centmin.sh menu option #4 recompile Nginx. When prompted if you want to recompile OpenSSL - select YES
Click to expand...
Just patched 4 servers :)
 
Null said:
I think Apple deprecated the use of OpenSSL a few years back (at least, that's the impression I got from WWDC).
Click to expand...
With the revenue they have, I think they can afford a donation of $300,000 which is BTW tax deductible. :rolleyes:(n)
After they ripped entirely FreeBSD to make their MacOS and bribed the developers with few pennies to have their mouths shut, they could at least support Open Source...
 
Floren said:
The big guns already formed a fund coalition for OpenSSL: Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm and VMWare. Each company will donate $100,000/year for 3 years. Apple decided is not important to participate... :rolleyes::rolleyes::rolleyes: I can't stand this company.
Click to expand...

Not all of that is going to OpenSSL though. It's a collective fund to help struggling Open Source projects IIRC.
 
Floren said:
With the revenue they have, I think they can afford a donation of $300,000 which is BTW tax deductible. :rolleyes:(n)
After they ripped entirely FreeBSD to make their MacOS and bribed the developers with few pennies to have their mouths shut, they could at least support Open Source...
Click to expand...
There are better causes to support than crappy OpenSSL. Why would they support something they don't use? Because they have money? So? The above companies are using it, so they have an interest to support it.
 
You must log in or register to reply here.

Similar threads

Puntocom
OpenSSL to patch undisclosed high severity vulnerability this thursday
Replies
3
Views
1K
Puntocom
Puntocom
vijaichander
Updating openssl to patch heartbleed vulnerability
Replies
10
Views
1K
vijaichander
vijaichander
Back
Top Bottom