[mythtv-users] the heartbleed openssl bug and mythtv
Nicolas Krzywinski
myth at site7even.de
Wed Apr 9 20:30:13 UTC 2014
Am 09.04.2014, 22:18 Uhr, schrieb Tom Bongiorno <tbjr at bongohut.com>:
> I am running MythWeb with Mythbuntu 12.04 LTS. I am only up-to-date as
> of a
> week or two ago. I will do the security updates and call it a day. Thanks
> again.
>
> -Tom
No need to hyperventilate if your environment meets the following
conditions:
- Your internet access is behind a router and you did not enabled the
routers' web access from via the internet
- There is no system in you LAN that serves OpenSSL-powered services (e.
g. web service with apache)
- Your MythWeb does NOT respond on https (as it is the case for me)
Disclaimer: I do not say that you don't have to update! I do not say that
you are not in direct or indirect danger of being compromised if you met
the above conditions!
But as I did not read about client side vulnerabilities of this heartbleed
bug, environments like MythTV SHOULD be save.
Regards,
Nicolas
--
www.nskcomputing.de
More information about the mythtv-users
mailing list