The advise so far is to not only patch up, and restart services/hosts; but to also revoke the certs and create new ones.
As the vulnerability left no trace of its happenings in any logs - and someone who was actively exploiting it could still use the private key or other ill begot materials. Just a heads up. RHEL/SL/Ubuntu/etc really aren't the big cause for concern (in many cases), but more so the appliances that many enterprises use/buy/deploy...... On Tue, Apr 8, 2014 at 10:47 AM, Adam Bishop <[email protected]> wrote: > On 8 Apr 2014, at 15:10, Pat Riehecky <[email protected]> wrote: > > > > The updated package should be available now. > > Brilliant, thanks for update. > > Regards, > > Adam Bishop > > gpg: 0x6609D460 > > Janet, the UK's research and education network. > > > > Janet(UK) is a trading name of Jisc Collections and Janet Limited, a > not-for-profit company which is registered in England under No. 2881024 > and whose Registered Office is at Lumen House, Library Avenue, > Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 > -- <http://stevenmiano.com/> Miano, Steven M. http://stevenmiano.com
