Openssl security update

sonnyyu:
One more important fix of New Yún image:

The very danger security bug - Heartbleed

http://en.wikipedia.org/wiki/Heartbleed

openwrt-yun/Makefile at master · arduino/openwrt-yun · GitHub

PKG_VERSION:=1.0.1g, The heart is no longer bleeding

Current version is 1.0.1e. Please update to New Yún image ASAP.

http://download.linino.org/dogstick/all-in-one/latest/packages/libopenssl_1.0.1e-1_ar71xx.ipk

Current openssl version at Yun:1.0.1h-1

But it is far behind!

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/CHANGES

Changes between 1.0.1g and 1.0.1h [5 Jun 2014] Changes between 1.0.1h and 1.0.1i [6 Aug 2014] Changes between 1.0.1i and 1.0.1j [15 Oct 2014] Changes between 1.0.1j and 1.0.1k [8 Jan 2015] Changes between 1.0.1k and 1.0.1l [15 Jan 2015] Changes between 1.0.1l and 1.0.2 [22 Jan 2015] Changes between 1.0.2 and 1.0.2a [19 Mar 2015] Changes between 1.0.2a and 1.0.2b [11 Jun 2015] Changes between 1.0.2b and 1.0.2c [12 Jun 2015] Changes between 1.0.2c and 1.0.2d [9 Jul 2015] Changes between 1.0.2d and 1.0.2e [3 Dec 2015]

Yun/Linino OS is based on Attitude Adjustment 12.09 of Openwrt. Attitude Adjustment is no longer maintained

Current status of Yun/Linino OS is obsolete technology

|500x242

Did not know that... Any plans to switch to a newer release of OpenWrt?

The latest Yun firmware:

libopenssl_1.0.2e-1_ar71xx.ipk                     06-Jan-2016 01:25              748946

1.0.2e [3 Dec 2015]

more on heartbleed

Heartbleed Bug – Status, What, & Who https://jssnippets.wordpress.com/2014/05/14/heartbleed-bug-status-what-who/

Changes between 1.0.2e and 1.0.2f [xx XXX xxxx]

*) Reject DH handshakes with parameters shorter than 1024 bits. [Kurt Roeckx]

https://github.com/openssl/openssl/blob/OpenSSL_1_0_2-stable/CHANGES

Ha, 1.0.2e will be out of date in few days.

The package at Yun dependent on libopenssl

luci alljoyn cyrus-sasl peervpn mini_httpd ssltunnel apf opensips tinc ruby znc wget radsecproxy squid python lispmob boxbackup sipsak git xsupplicant libevent2 monit tmsnc msmtp wt freeradius2 sscep ipmitool sslcat aria2 imapfilter mutt xmail rsyncrypto irssi php5 dudders pyrit ipsec-tools pen ssldump dsniff gatling pure-ftpd uftp ssmtp nmap re bitlbee ldns kamailio3 openvpn nagios-plugins imspector openssh fetchmail libtorrent openconnect nzbget kamailio httping bind tor openvpn-devel libfreefare luasec opendchub rrs nginx bahamut pyopenssl vtun airpwn ndyndns openldap netatalk chaosvpn raddump httptunnel uanytun isakmpd send dovecot lftp ntpd apache strongswan stunnel ctorrent curl aircrack-ng lighttpd crypto-tools pulseaudio keepalived elinks ettercap keynote neon erlang ngircd osiris transmission libssh2 obfsproxy yate openslp sslsniff syslog-ng3 nrpe asterisk-1.8.x crtmpserver uhttpd hostapd