
Heartbleed fun

Michal Čihař
Blog, Hosted Weblate
April 10, 2014

You probably know about the Heartbleed bug in OpenSSL, as it is so widespread that it made it into the mainstream media as well. As I'm running Debian Wheezy on my servers, they were affected as well.

The updated OpenSSL library was installed immediately after it was released, but there was still a possibility that somebody had got private data from the server before that (especially as the vulnerability had existed for quite some time). So I've revoked and reissued all SSL certificates, generating new private keys in the process. This has the nice benefit that they now use a SHA-256 intermediate CA, compared to the SHA-1 one which was used on some of them before.

Though there is no way to figure out whether there was an information leak or not, I have decided to reset all access tokens for OAuth (e.g. GitHub), so if you have used GitHub login for Weblate, you will have to reauthenticate.
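A check a practitioner would want after the certificate reissue described above: that the new certificate really carries a new key rather than the possibly leaked one. This is an added example, not code from the original post; the helper names and file arguments are assumptions, it needs the `openssl` command-line tool, and `make_samples` only builds constructed throwaway certificates to try it on.

```shell
# Added example: confirm a reissued certificate was issued for a NEW key pair.
# Helper names and file arguments are assumptions; needs the openssl CLI.

# SHA-256 fingerprint of the certificate's public key (SubjectPublicKeyInfo).
spki_fp() {
    openssl x509 -in "$1" -noout -pubkey |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 | awk '{print $NF}'
}

# Signature algorithm the issuer used on this certificate.
sig_alg() {
    openssl x509 -in "$1" -noout -text |
        awk -F': ' '/Signature Algorithm/ {print $2; exit}'
}

# Succeeds only if the new certificate has a different public key than the
# old one AND the private key on disk belongs to the new certificate.
check_reissue() {   # old_cert new_cert new_key
    for f in "$@"; do [ -r "$f" ] || { echo "cannot read $f" >&2; return 2; }; done
    old=$(spki_fp "$1")
    new=$(spki_fp "$2")
    key=$(openssl pkey -in "$3" -pubout -outform DER |
          openssl dgst -sha256 | awk '{print $NF}')
    [ "$old" != "$new" ] || { echo "FAIL: key reused from old certificate"; return 1; }
    [ "$new" = "$key" ] || { echo "FAIL: private key does not match certificate"; return 1; }
    echo "OK: new key, certificate signed with $(sig_alg "$2")"
}

# Constructed sample data: throwaway self-signed certificates in directory $1.
make_samples() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 \
        -subj "/CN=example.test" -keyout "$d/old.key" -out "$d/old.crt" 2>/dev/null
    # A "reissue" that reuses the old key: the mistake this check catches.
    openssl req -x509 -new -key "$d/old.key" -sha256 -days 1 \
        -subj "/CN=example.test" -out "$d/reused.crt" 2>/dev/null
    # A reissue with a freshly generated key.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 \
        -subj "/CN=example.test" -keyout "$d/new.key" -out "$d/new.crt" 2>/dev/null
}

# Usage: sh check_reissue.sh old.crt new.crt new.key
if [ "$#" -eq 3 ]; then check_reissue "$@"; fi
```

`sig_alg` reports the algorithm on whichever certificate it is given, so running it on the intermediate CA file shows whether the chain has moved from SHA-1 to SHA-256.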
