E a gritaria foi por conta de sites openssl. Mas afeta ssh também, openvpn, etc.
Abs, Helio Loureiro http://helio.loureiro.eng.br http://br.linkedin.com/in/helioloureiro http://twitter.com/helioloureiro http://gplus.to/helioloureiro 2014-04-09 9:44 GMT+02:00 Helio Loureiro <he...@loureiro.eng.br>: > Oi, > > Pra quem usa essa versão de openssl afetada (10.0), e tem um site com > grande audiência/risco de segurança, estão recomendando regovar as chaves e > gerar novas. > > Abs, > Helio Loureiro > http://helio.loureiro.eng.br > http://br.linkedin.com/in/helioloureiro > http://twitter.com/helioloureiro > http://gplus.to/helioloureiro > > > 2014-04-09 4:04 GMT+02:00 Wendell Candido de Almeida < > wend...@pontualcargas.com.br>: > > Link saiu quebrado.. agora correto... >> >> >> http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d >> eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml<http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-deixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml> >> >> Em uma linguagem mais didática... >> >> >> http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d >> eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml<http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-deixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml> >> >> >> Wendell >> >> >> -----Mensagem original----- >> De: freebsd-boun...@fug.com.br [mailto:freebsd-boun...@fug.com.br] Em >> nome >> de Marcelo Gondim Enviada em: terça-feira, 8 de abril de 2014 18:48 >> Para: "Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)" >> Assunto: [FUG-BR] Fwd: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" >> bug >> >> A coisa parece que foi séria dessa vez. >> >> >> -------- Mensagem original -------- >> Assunto: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug >> Data: Tue, 8 Apr 2014 20:42:29 GMT >> De: FreeBSD Security Officer <security-offi...@freebsd.org> >> Responder a: freebsd-secur...@freebsd.org >> Para: FreeBSD Security Advisories <security-advisor...@freebsd.org> >> >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA512 >> >> Hi, >> >> This is a heads-up for the OpenSSL "Heartbleed" bug. >> >> FreeBSD port security/openssl have been patched on 2014-04-07 21:46:40 UTC >> (head, r350548) and 2014-04-07 21:48:07 UTC (branches/2014Q2, r350549). >> >> FreeBSD base system have been patched on 2014-04-08 18:27:32 UTC (head, >> r264265), 2014-04-08 18:27:39 UTC (stable/10, r264266), 2014-04-08 >> 18:27:46 UTC (releng/10.0, r264267). The update is available with >> freebsd-update. All other supported FreeBSD branches are not affected by >> this issue. >> >> Users who use TLS client and/or server are strongly advised to apply >> updates >> immediately. >> >> Because of the nature of this issue, it's also recommended for system >> administrators to consider revoking all of server certificate, client >> certificate and keys that is used with these systems and invalidate active >> authentication credentials with a forced passphrase change. >> >> Formal security advisories would be announced later today. >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v2.0.22 (FreeBSD) >> >> iQIcBAEBCgAGBQJTRF6nAAoJEO1n7NZdz2rnA7AP/jG89g90O5ULI3aXZOeeYH6U >> /l3Cb5/vUgEQWiG5HO50lID3fJOktTWvwMBs+q7E7vaGJ4icL5kl816Zucj3cI8j >> H4JZZVYWbY1cBET2sNAxz5+XqGvERL8LUj8+hvVxo5L071plAbiucnvisx4K9Vyd >> IQryUOvRwxUUbmOXIVbfPLoY4VJFT+fDMxEXjeOh3vFWXftg5v4KaB9jYCRKBiAo >> BTEKlU1/bVjkJ4sU5ApavMOuyeqqOPTxLpqs6+9bsPUsBoiMR1LyxrWW9tWPb/x+ >> LKoLwwkHwjHmrCx9ob/L5jNtOiLeFAsN/Rvox8eLLCb2VRe90dkMKazAJCGT/Shf >> DKRo4jlRCVqmHofc96+bWBGDGHvTT7xY3MZQYU9IEHIXSzAgxykXmyYSdIDm6bxk >> tsladfGEpKNzpwQXbuzLFXjl0nd87P1ZcPh+cDprP4+b68knfAXDIF/ca7mVD00B >> PTIUmXOSuvmYfhQyY4lurB3vjbWoJv06JkYJRe4luPyZiEulw7PNNPqR0BqR4vPX >> R9VhOhDhXn1AJcF8urTMIwZ3tGyhwWbOjqOgAdI9jW4gTTtXqwwesWhjX0ZghzRf >> Pqs9T7IrZ4pNvfHBETSc7JN/9kpspTEm/a2tUalEIKIErSxmaOAWUTethrjf3lyd >> kNC30mma046jR7E4/ccB >> =J3Tm >> -----END PGP SIGNATURE----- >> _______________________________________________ >> freebsd-annou...@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-announce >> To unsubscribe, send any mail to " >> freebsd-announce-unsubscr...@freebsd.org" >> >> >> >> ------------------------- >> Histórico: http://www.fug.com.br/historico/html/freebsd/ >> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd >> >> ------------------------- >> Histórico: http://www.fug.com.br/historico/html/freebsd/ >> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd >> >> ------------------------- >> Histórico: http://www.fug.com.br/historico/html/freebsd/ >> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd >> > > ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
