Recent Heartbleed OpenSSL bug may affect HTTPS Subversion servers

From: Nico Kadel-Garcia <nkadel_at_gmail.com>
Date: Thu, 10 Apr 2014 23:53:14 -0400

I was just realizing that no one has mentioned it here: For anyone
running HTTPS based Subversion servers, they should really take a good
look at whether their web server is vulnerable to the "HeartBleed"
security problem in OpenSSL. There are various good write-ups about
it, but even an internal website vulnerable to these hacks could
apparently have usernames and passwords stolen by a zombied or
rootkitted host inside your network. So strongly consider updating
*all* your websites to avoid the bug, and other bugs, and strongly
consider your password management and expiration procedures for
vulnerabilities that may have been exploited any time in the last two
years.

http://www.theatlantic.com/technology/archive/2014/04/how-to-check-if-a-site-is-safe-from-heartbleed/360417/
Received on 2014-04-11 05:53:53 CEST

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: Recent Heartbleed OpenSSL bug may affect HTTPS Subversion servers"
Previous message: Branko Čibej: "Re: Reproducible VM crash using JavaHL"
Next in thread: Daniel Shahaf: "Re: Recent Heartbleed OpenSSL bug may affect HTTPS Subversion servers"
Reply: Daniel Shahaf: "Re: Recent Heartbleed OpenSSL bug may affect HTTPS Subversion servers"
Reply: Ben Reser: "Re: Recent Heartbleed OpenSSL bug may affect HTTPS Subversion servers"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]