OpenSSL Heartbeat, a.k.a. Heartbleed Bug

Posted by ajt on Tue 8 Apr 2014 at 22:24

A serious security flaw has come to light in the OpenSSL package used in many Linux distributions including Debian. It is considered very serious and all administrators should patch their systems at once and restart any services that rely on OpenSSL.

Users should probably regenerate any SSL certificates if their server was "at risk".

More details can be found here:

At the moment Debian versions known to be at risk of exploit are:

Debian versions know to be not at risk:

This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):

This article is copyright 2014 ajt - please ask for permission to republish or translate.