elementary-dev-community team mailing list archive
Mailing list archive
Re: URGENT: Update and change your SSH keys IMMEDIATELY
Since Launchpad itself is probably vulnerable, I strongly suggest everyone
with code commit and/or PPA upload permissions to CLEAR ALL COOKIES and
refrain from using Launchpad until
https://bugs.launchpad.net/launchpad/+bug/1304136 is fixed.
2014-04-08 5:14 GMT+04:00 Sergey "Shnatsel" Davidoff <
> Oh yeah, right, don't forget to change your important passwords too!
> 2014-04-08 4:56 GMT+04:00 desiderantes@xxxxxxxxxxxxxx <
> SSH does not use TLS per se, so revoking ssh keys is not that useful
>> Enviado desde Mail con Replicant
>> * From: * victor-eduardo <victoreduardm@xxxxxxxxx>;
>> * To: * Sergey Shnatsel Davidoff <sergey@xxxxxxxxxxxxxxxx>;
>> * Cc: * elementary-dev-community@xxxxxxxxxxxxxxxxxxx <
>> * Subject: * Re: [Elementary-dev-community] URGENT: Update and change
>> your SSH keys IMMEDIATELY
>> * Sent: * Tue, Apr 8, 2014 12:36:30 AM
>> Thanks for the heads up!
>> OpenSSL is flawed by design indeed :(
>> On lun, abr 7, 2014 at 6:31 , Sergey Shnatsel Davidoff <
>> sergey@xxxxxxxxxxxxxxxx> wrote:
>> Also do not forget to revoke the older keys wherever they are used -
>> Launchpad, etc.
>> 2014-04-08 3:45 GMT+04:00 Sergey "Shnatsel" Davidoff <
>>> There's a killer bug in OpenSSL that leaks private keys! Update your
>>> system and change your SSH private keys (and other private keys for good
>>> measure) IMMEDIATELY!
>>> More info at http://heartbleed.com/
>>> *runs off to upgrade all machines and change keys everywhere*
>>> Sergey "Shnatsel" Davidoff
>> Sergey "Shnatsel" Davidoff
> Sergey "Shnatsel" Davidoff
Sergey "Shnatsel" Davidoff