On 10 April 2014 20:53, Andrew Hain <[email protected]> wrote: > What if anything has been the effect of the Heartbleed bug on the OSM family > of websites and what do people need to do in response? >
For the primary openstreetmap.org sites: OpenSSL was patched on all systems by early Tuesday morning [GMT]. The sysadmin team also re-issued new site certificates for both the *.openstreetmap.org & *.tile.openstreetmap.org certificates on Wednesday. I am still checking if the certificate authority has as expected revoked the previous certificates. The probability is extremely low that any user data was compromised, but I would not discourage anyone from changing their password if they are concerned. Kind regards, Grant Part of OpenStreetMap sysadmin team _______________________________________________ dev mailing list [email protected] https://lists.openstreetmap.org/listinfo/dev
