Hi Mark > (To be clear, this does not affect SSH key material in any way).
I am unsure what that means, the ssh keys I use to login with? Working for ITSOIL Pty Ltd At the University of Tasmania Model maker at Military Museum of Tasmania > On 9 Apr 2014, at 2:15 am, "Marc A. Pelletier" <[email protected]> wrote: > > Hello everyone, > > Please be aware that the recently disclosed vulnerability in openssl > (CVE-2014-0160)[1] affected the Ubuntu Precise distribution of that library > (which is in use in Labs). This vulnerability potentially exposes server > process memory in a way that may allow an attacker to recover the private key > during SSL negotiation. > > We have forcibly upgraded that library on all instances (as well as the WMF > infrastructure) and will replace any potentially exposed SSL key material; > but please note that if you use SSL within your project, you should consider > all keys to be compromised, generate new keys and issue new certificates. > > (To be clear, this does not affect SSH key material in any way). > > — Marc > > [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 > _______________________________________________ > Labs-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/labs-l
_______________________________________________ Labs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/labs-l
