Chirurgia spinală minim invazivă
Chirurgia spinală minim invazivă oferă pacienților oportunitatea unui tratament eficient, permițându-le o recuperare ultra rapidă și nu în ultimul rând minimizând leziunile induse chirurgical. Echipa noastră utilizează un spectru larg de tehnici minim invazive, din care enumerăm câteva: endoscopia cu variantele ei (transnazală, transtoracică, transmusculară, etc), microscopul operator, abordurile trans tubulare și nu în ultimul rând infiltrațiile la toate nivelurile coloanei vertebrale. www.neurohope.ro |
Sīngerați? Heart bleed
Last Updated: Jun 05 2014 21:28, Started by
mufa
, Apr 10 2014 22:12
·
0
#20
Posted 11 April 2014 - 08:26
WTF ??
Cam asa arata inainte de update $ openssl version -a OpenSSL 1.0.1e-fips 11 Feb 2013 built on: Wed Jan 8 18:35:10 UTC 2014 platform: linux-elf options: bn(64,32) md2(int) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -Wa,--noexecstack -DPURIFY -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/pki/tls" engines: dynamic Asta zice update-ul yum update openssl i686 1.0.1e-16.el6_5.7 updates 1.5 M Dupa update # openssl version -a OpenSSL 1.0.1e-fips 11 Feb 2013 built on: Tue Apr 8 02:33:43 UTC 2014 platform: linux-elf options: bn(64,32) md2(int) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables -Wa,--noexecstack -DPURIFY -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/pki/tls" engines: dynamic Cum vad daca e safe acum ? Info sys CentOS release 6.5 (Final) 32bit Linux 3.11.6-x86-linode54 #1 SMP Wed Oct 23 15:22:49 EDT 2013 Linux version 3.11.6-x86-linode54 (maker@build) (gcc version 4.4.5 (Debian 4.4.5-8) ) #1 SMP Wed Oct 23 15:22:49 EDT 2013 |
#21
Posted 11 April 2014 - 08:34
Quote openssl version -a OpenSSL 1.0.1g 7 Apr 2014 built on: Mon Apr 7 22:28:59 CEST 2014 platform: linux-elf options: bn(64,32) rc4(8x,mmx) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -D_FORTIFY_SOURCE=2 -march=i686 -mtune=generic -O2 -pipe -fstack-protector --param=ssp-buffer-size=4 -Wl,-O1,--sort-common,--as-needed,-z,relro -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/ssl" Asta e fara bug, f-ul. |
#22
Posted 11 April 2014 - 09:10
Astia de la webhosting zic asa :
$ openssl version -a OpenSSL 1.0.1e-fips 11 Feb 2013 built on: Tue Apr 8 02:33:43 UTC 2014" As it was built after April 7th, you are secure. Si cica au facut un post pe blog cu chestia asta, dar nu s-au chinuit sa dea un mail la tot bou care nu urmareste pe rss ce pun ei pe blog. Si cum masa lu tacsu e treaba asta cu buildurile? Aia de au facut buildu era musai sa pastreze exact acelasi nume? Nu puteau sa mai bage o litera in plus ca sa poti vedea ca nu mai esti afectat? Exista un test ca sa vezi daca buildu nou cu acelas nume este sau nu securizat? |
#24
Posted 11 April 2014 - 11:48
Nimeni nu s-a chinuit sa precizeze ca vulnerabilitatea asta nu poate fi exploatata decat cu un software facut special pentru ea si pe care nimeni nu-l are...
|
#25
Posted 11 April 2014 - 13:11
Exact. Niste mega-specialisti au descoperit recent bugul. As vrea sa stiu hackerii mega-mega-specialisti care s-au folosit de bug inainte sa fie decoperit.
Tocmai citisem un articol alarmant, in care ziceau ca hackerii au avut 2 ani la dispozitie sa-mi fure parolele de pe facebook. Edited by Bursul, 11 April 2014 - 13:11. |
#26
Posted 11 April 2014 - 13:31
14.04
OpenSSL 1.0.1f 6 Jan 2014 built on: Mon Apr 7 21:20:02 UTC 2014 platform: debian-i386 Edited by xxvirusxx, 11 April 2014 - 13:31. |
#27
Posted 11 April 2014 - 21:28
Au sarit destul de repede si producatorii de network devices *nix-based, recent i-am dat update la UTM-ul Sophos din dotare (ex-Astaro)
# echo $(uname -r) - $(openssl version) 3.8.13.15-111.g2bc35f6-smp64 - OpenSSL 1.0.1g 7 Apr 2014 Edited by DaCosta, 11 April 2014 - 21:28. |
#28
Posted 12 April 2014 - 22:58
S-a dezlantuit iadul cand au aflat unii clienti de "stire"... evident au fost servere unde a trebuit sa intervin.
Iar cei care va intrebati de ce mufa a sugerat trecerea la o versiune anterioara, ei bine asta e politica in astfel de cazuri. Daca nu exista un patch rapid (in cazul asta se putea recompila si incropi rapid un RPM/DEB) se face rollback sau downgrade. Quote
How can OpenSSL be fixed? Even though the actual code fix may appear trivial, OpenSSL team is the expert in fixing it properly so fixed version 1.0.1g or newer should be used. If this is not possible software developers can recompile OpenSSL with the handshake removed from the code by compile time option -DOPENSSL_NO_HEARTBEATS Edited by Huza, 12 April 2014 - 22:59. |
|
#29
Posted 05 June 2014 - 20:30
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users