[mythtv-users] the heartbleed openssl bug and mythtv
Tom Bongiorno
tbjr at bongohut.com
Wed Apr 9 19:48:40 UTC 2014
On Wed, Apr 9, 2014 at 3:47 PM, HP-mini <blm-ubunet at slingshot.co.nz> wrote:
> On Wed, 2014-04-09 at 15:33 -0400, Ian Evans wrote:
> > On Wed, Apr 9, 2014 at 3:12 PM, <yan at seiner.com> wrote:
> > > Just a heads up that if you've made your mythbox accessible
> > from the
> > > outside via ssh or mythweb you may need to make sure your
> > system isn't
> > > affected by the recenlty discovered heartbleed security
> > hole.
> > >
> > >
> >
> http://serverfault.com/questions/587329/heartbleed-what-is-it-and-what-are-options-to-mitigate-it
> > >
> > > I'm currently running mythbuntu 12.04. Any tips to get
> > patched? Should I
> > > hope to 13.04 immediately?
> >
> >
> > apt-get update && apt-get upgrade
> >
> > if you don't have automatic security updates enabled (which
> > you should).
> >
> > Mine updated sometime between the 4th and today.
> >
> > If you want to dist-upgrade wait until 14.04 is out in a few
> > more days.
> > I did that earlier today and it's still OpenSSL 1.0.1 14 Mar 2012
> > I do use TLS for some email alerts for the box.
> >
> This is the 3rd major security flaw in as many months. (iOS goto fail,
> GnuTLS & openSSL)
>
> All my 12.04LTS computers have received this openSSL update.
> Do not hop to 13.04 , that is dead.
>
> As mentioned by Yan, you need to enable security updates repositories.
> Do this in synaptic package manager (settings/repositories: tab
> "Updates").
>
>
>
> _______________________________________________
> mythtv-users mailing list
> mythtv-users at mythtv.org
> http://www.mythtv.org/mailman/listinfo/mythtv-users
> http://wiki.mythtv.org/Mailing_List_etiquette
> MythTV Forums: https://forum.mythtv.org
>
I am not trying to be a troll at all, but I have a legitimate question. If
I am running my backend as a MythTV only server, what should I be worried
about? Someone can see/schedule/delete recordings if they decide to
target/sniff my IP and get login credentials?
-Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.mythtv.org/pipermail/mythtv-users/attachments/20140409/d4c4c091/attachment.html>
More information about the mythtv-users
mailing list