Posted by ajt on Tue 8 Apr 2014 at 22:24
A serious security flaw has come to light in the OpenSSL package used in many Linux distributions including Debian. It is considered very serious and all administrators should patch their systems at once and restart any services that rely on OpenSSL.
Users should probably regenerate any SSL certificates if their server was "at risk".
More details can be found here:
At the moment Debian versions known to be at risk of exploit are:
Debian versions known to be not at risk:
Some of the distros and people terminating large amounts of HTTPS traffic were tipped off earlier to allow them to prepare patches, but from a procedural perspective the process of patching appears good for all major distros; then again, we've had a lot of practice.
It's also recommended that you get new certificates as no-one is quite sure just how much information has leaked here. Yell at your local cabal certificate provider to give you a replacement cert with the same expiry at no cost.