Not from what I've read. Here: http://askubuntu.com/questions/444702/how-to-patch-cve-2014-0160-in-openssl/444829#444829 "Am I vulnerable? Generally, you're affected if you run some server that you generated an SSL key for at some point. Typical end-users are not (directly) affected (at least Firefox and Chrome don't use OpenSSL; some client applications may be affected, I've asked for clarification as to what to expect on the client side). Typical end-users are not (directly) affected. SSH is not affected. The distribution of Ubuntu packages isn't affected (it relies on GPG signatures)." On Tue, Apr 8, 2014 at 1:17 PM, gregrwm <tclug1 at whitleymott.net> wrote: > is openssh affected? > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > -- Ben Lutgens Linux / Unix System Administrator Three of your friends throw up after eating chicken salad. Do you think: "I should find more robust friends" or "we should check that refrigerator"? -- Donald Becker, on vortex-bug, suspecting a network-wide problem -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20140408/fb082dda/attachment.html>