And thanks for Raphael for applying the patch very quickly :) May the Source be with you anuragbhandari.com On Apr 10, 2014 3:27 PM, "Jean-Claude Vanier" <[email protected]> wrote:
> Thanks also to Robert who warned us. > > 2014-04-10 11:36 GMT+02:00 Tomasz Gajc <[email protected]>: > > Great that we reacted so fast ! > > > > > > 2014-04-10 10:53 GMT+02:00 Raphaël Jadot <[email protected]>: > >> > >> Hello > >> > >> > >> for your information, our sites now have the patched version of openssl > >> and are not affected by heartbleed anymore.( http://heartbleed.com/ ) > >> > >> The patch have been applied tuesday (it was not complicated, just an > >> update from repos), but my mistake, by habit I did a graceful restart of > >> nginx, I should have done a full restart. > >> > >> Then, it did not take in account the openssl patch, so I think it's fair > >> to warn you that only few hours ago, I realized my mistake and did a > full > >> restart, which left our website two days with this know vulnerability. > >> > >> I don't think we are a real target of hackers, but it's fair to warn you > >> about this: maybe you would consider changing your openmandriva > webservices > >> passwords, mainly if it's the same used for other services (which is of > >> course a bad practise :) > >> > >> Raphaël > >> > >> > >> > > >
