Hello all, - First of all, heartbleed: Our webservers were still using OpenSSL 0.9.8, so were unaffected. The Prosody XMPP server for adium.im however was using a vulnerable version of OpenSSL. Just to be sure, I’ve generated a new certificate and revoked the old one. The SHA1 fingerprint of the new certificate is B6:5A:EB:C8:40:62:0B:13:46:3C:29:4D:9B:B8:01:31:59:CC:FB:8A.
(And for the record, Adium itself is not vulnerable to reverse heartbleed: Adium uses CDSA, which used to use OpenSSL internally, but Apple never shipped an OpenSSL version newer than 0.9.8.) - We’ve been dealing with quite a bit more spam on trac lately. I’ve updated the TracSpamFilter plugin and installed the dependencies for its Bayesian learning plugin, so hopefully it’ll improve itself. If spam still makes it through, people with appropriate admin powers can manage it here: https://trac.adium.im/admin/spamfilter/monitor. See also the BadContent wikipage which assigns penalties to certain words, and the BadIP page that can be used to completely block the spammer’s IP address. - Because I felt like reading a lot more spam today (well, not really), I went through the pending posts to this list by non-members. Among the thousands of spam messages I found only two clearly non-spam ones, which I’ve let through (only 6 months late, though…) Thijs
signature.asc
Description: Message signed with OpenPGP using GPGMail
