Aftermath of the Heartbleed SSL vulnerability

News by khorben on 13/04/2014 04:43:56
With the recent discovery of the "Heartbleed" SSL vulnerability [1], the following actions have been taken for the EdgeBSD infrastructure:
  • new sets for EdgeBSD-6 are available for every architecture supported so far except evbarm and evbmips
  • the vulnerable machines have been patched
  • the impacted services were restarted
  • the SSL certificate for www.edgebsd.org was re-generated [2]
  • the sessions were cleared for www.edgebsd.org
  • every password for www.edgebsd.org was reset (please use the recovery feature [3])

Sorry for the inconvenience.

[1] https://heartbleed.com/
[2] https://www.edgebsd.org/
[3] https://www.edgebsd.org/edgebsd/user/reset