One more important fix of New Yún image:
The very danger security bug - Heartbleed
PKG_VERSION:=1.0.1g, The heart is no longer bleeding
Current version is 1.0.1e. Please update to New Yún image ASAP.
Current openssl version at Yun:1.0.1h-1
But it is far behind!
Changes between 1.0.1g and 1.0.1h [5 Jun 2014] Changes between 1.0.1h and 1.0.1i [6 Aug 2014] Changes between 1.0.1i and 1.0.1j [15 Oct 2014] Changes between 1.0.1j and 1.0.1k [8 Jan 2015] Changes between 1.0.1k and 1.0.1l [15 Jan 2015] Changes between 1.0.1l and 1.0.2 [22 Jan 2015] Changes between 1.0.2 and 1.0.2a [19 Mar 2015] Changes between 1.0.2a and 1.0.2b [11 Jun 2015] Changes between 1.0.2b and 1.0.2c [12 Jun 2015] Changes between 1.0.2c and 1.0.2d [9 Jul 2015] Changes between 1.0.2d and 1.0.2e [3 Dec 2015]
Yun/Linino OS is based on Attitude Adjustment 12.09 of Openwrt. Attitude Adjustment is no longer maintained
Current status of Yun/Linino OS is obsolete technology
Did not know that... Any plans to switch to a newer release of OpenWrt?
The latest Yun firmware:
libopenssl_1.0.2e-1_ar71xx.ipk 06-Jan-2016 01:25 748946
1.0.2e [3 Dec 2015]
more on heartbleed
Heartbleed Bug – Status, What, & Who https://jssnippets.wordpress.com/2014/05/14/heartbleed-bug-status-what-who/
Changes between 1.0.2e and 1.0.2f [xx XXX xxxx]
*) Reject DH handshakes with parameters shorter than 1024 bits. [Kurt Roeckx]
Ha, 1.0.2e will be out of date in few days.
The package at Yun dependent on libopenssl
luci alljoyn cyrus-sasl peervpn mini_httpd ssltunnel apf opensips tinc ruby znc wget radsecproxy squid python lispmob boxbackup sipsak git xsupplicant libevent2 monit tmsnc msmtp wt freeradius2 sscep ipmitool sslcat aria2 imapfilter mutt xmail rsyncrypto irssi php5 dudders pyrit ipsec-tools pen ssldump dsniff gatling pure-ftpd uftp ssmtp nmap re bitlbee ldns kamailio3 openvpn nagios-plugins imspector openssh fetchmail libtorrent openconnect nzbget kamailio httping bind tor openvpn-devel libfreefare luasec opendchub rrs nginx bahamut pyopenssl vtun airpwn ndyndns openldap netatalk chaosvpn raddump httptunnel uanytun isakmpd send dovecot lftp ntpd apache strongswan stunnel ctorrent curl aircrack-ng lighttpd crypto-tools pulseaudio keepalived elinks ettercap keynote neon erlang ngircd osiris transmission libssh2 obfsproxy yate openslp sslsniff syslog-ng3 nrpe asterisk-1.8.x crtmpserver uhttpd hostapd