Am 08.04.2014 21:38, schrieb lst_ho...@kwsoft.de: > Zitat von Jakob Curdes <j...@info-systems.de>: > >> Am 08.04.2014 19:00, schrieb John Rowe: >>> Do we know if dovecot is vulnerable to the heartbleed SSL problem? >>> >>> I'm running dovecot-2.0.9 and openssl-1.01, the latter being >>> intrinsically vulnerable. An on-line tool says that my machine is not >>> affected on port 993 but it would be nice to know for sure if we were >>> vulnerable for a while. (Naturally I've blocked it anyway!). >>> >> Usually all programs are linked dynamically to the library, so the >> vulnerability depends on the library only. If >> you updated the library today and restarted the service (!!) then it is very >> likely that your mail installation >> is not vulnerable any more. Otherwise it is very likely to be vulnerable, >> regardless what tests say. >> JC > > Be aware that your private key might already have leaked without any notice. > So your best bet is to withdraw your > certificates and renew all keys/certificates on the affected machines.
correct, that was my whole-day job from 10:00 AM to 16:00 PM for 10 certificates followed by openvpn-keys, better safe than sorry luckily some wildcard certs in the meantime instead a ton single ones
signature.asc
Description: OpenPGP digital signature