Is my CSA Heartbleed vulnerable with OpenSSL 1.0.1e ?

Version 2

    Question:

    My CSA OpenSSL version is 1.0.1e, is it vulnerable ?

     

    Answer:

    You must be check the exact version

    For that you can run this command :

    rpm -q -a | grep "openssl"

     

    If the last patch (GSB431_137) is correctly applied, you must have this version :

    openssl-1.0.1e-16.el6_5.7.x86_64

    Which means your CSA has the fix for the Heartbleed vulnerability

     

    Additional information:

    Please take a look on this link :

    https://www.digitalocean.com/community/articles/how-to-protect-your-server-against-the-heartbleed-openssl-vulnerability

    "While OpenSSL version 1.0.1g is the official fix of this problem, the version that fixes this for different distributions and releases may vary. Some releases and distributions patched their older versions to fix the problem, rather than releasing an entirely new version into an older, stable ecosystem.

    ...

    CentOS 6: openssl-1.0.1e-16.el6.5.7 "