Since Launchpad itself is probably vulnerable, I strongly suggest everyone with code commit and/or PPA upload permissions to CLEAR ALL COOKIES and refrain from using Launchpad until https://bugs.launchpad.net/launchpad/+bug/1304136 is fixed.
2014-04-08 5:14 GMT+04:00 Sergey "Shnatsel" Davidoff < ser...@elementaryos.org>: > Oh yeah, right, don't forget to change your important passwords too! > > > 2014-04-08 4:56 GMT+04:00 desideran...@rocketmail.com < > desideran...@rocketmail.com>: > > SSH does not use TLS per se, so revoking ssh keys is not that useful >> >> Enviado desde Mail con Replicant >> >> ------------------------------ >> * From: * victor-eduardo <victoredua...@gmail.com>; >> * To: * Sergey Shnatsel Davidoff <ser...@elementaryos.org>; >> * Cc: * elementary-dev-community@lists.launchpad.net < >> elementary-dev-community@lists.launchpad.net>; >> * Subject: * Re: [Elementary-dev-community] URGENT: Update and change >> your SSH keys IMMEDIATELY >> * Sent: * Tue, Apr 8, 2014 12:36:30 AM >> >> Thanks for the heads up! >> >> OpenSSL is flawed by design indeed :( >> >> On lun, abr 7, 2014 at 6:31 , Sergey Shnatsel Davidoff < >> ser...@elementaryos.org> wrote: >> >> Also do not forget to revoke the older keys wherever they are used - >> Launchpad, etc. >> >> >> 2014-04-08 3:45 GMT+04:00 Sergey "Shnatsel" Davidoff < >> ser...@elementaryos.org>: >> >>> There's a killer bug in OpenSSL that leaks private keys! Update your >>> system and change your SSH private keys (and other private keys for good >>> measure) IMMEDIATELY! >>> >>> More info at http://heartbleed.com/ >>> *runs off to upgrade all machines and change keys everywhere* >>> -- >>> Sergey "Shnatsel" Davidoff >>> >> >> >> >> -- >> Sergey "Shnatsel" Davidoff >> >> > > > -- > Sergey "Shnatsel" Davidoff > -- Sergey "Shnatsel" Davidoff
-- Mailing list: https://launchpad.net/~elementary-dev-community Post to : elementary-dev-community@lists.launchpad.net Unsubscribe : https://launchpad.net/~elementary-dev-community More help : https://help.launchpad.net/ListHelp