Home Sign Up Sign In
ioioioioioioi
V2EX  ›  SSL

阿里云 Ubuntu 12.02 如何升级 openssl,去掉导致网站 F 分的两个 bug?

  •   
  •   ioioioioioioi · Dec 15, 2016 · 2454 views
    This topic created in 3444 days ago, the information mentioned may be changed or developed.
    This server is vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) and exploitable. Grade set to F.
    This server is vulnerable to the OpenSSL Padding Oracle vulnerability (CVE-2016-2107) and insecure. Grade set to F.
  • openssl
  • vulnerable
  • Grade
  • set
    1 replies    2016-12-15 11:47:09 +08:00
    iyaozhen
        1
    iyaozhen  
       Dec 15, 2016 via Android
    12 版本还在支持的周期中吗?不然 apt upgrade 就行。
    不行的话只能自己编译了,然后 Nginx 也要重新编译。之前为了 http2 重新搞过,你参考下: https://iyaozhen.com/nginx-http2-conf.html
    About   ·   Help   ·   Advertise   ·   Blog   ·   API   ·   FAQ   ·   Solana   ·   1527 Online   Highest 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 26ms · UTC 16:46 · PVG 00:46 · LAX 09:46 · JFK 12:46
    ♥ Do have faith in what you're doing.