Oi, Pra quem usa essa versão de openssl afetada (10.0), e tem um site com grande audiência/risco de segurança, estão recomendando regovar as chaves e gerar novas.
Abs, Helio Loureiro http://helio.loureiro.eng.br http://br.linkedin.com/in/helioloureiro http://twitter.com/helioloureiro http://gplus.to/helioloureiro 2014-04-09 4:04 GMT+02:00 Wendell Candido de Almeida < wend...@pontualcargas.com.br>: > Link saiu quebrado.. agora correto... > > > http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d > eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml > > Em uma linguagem mais didática... > > > http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d > eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml > > > Wendell > > > -----Mensagem original----- > De: freebsd-boun...@fug.com.br [mailto:freebsd-boun...@fug.com.br] Em nome > de Marcelo Gondim Enviada em: terça-feira, 8 de abril de 2014 18:48 > Para: "Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)" > Assunto: [FUG-BR] Fwd: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug > > A coisa parece que foi séria dessa vez. > > > -------- Mensagem original -------- > Assunto: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug > Data: Tue, 8 Apr 2014 20:42:29 GMT > De: FreeBSD Security Officer <security-offi...@freebsd.org> > Responder a: freebsd-secur...@freebsd.org > Para: FreeBSD Security Advisories <security-advisor...@freebsd.org> > > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > This is a heads-up for the OpenSSL "Heartbleed" bug. > > FreeBSD port security/openssl have been patched on 2014-04-07 21:46:40 UTC > (head, r350548) and 2014-04-07 21:48:07 UTC (branches/2014Q2, r350549). > > FreeBSD base system have been patched on 2014-04-08 18:27:32 UTC (head, > r264265), 2014-04-08 18:27:39 UTC (stable/10, r264266), 2014-04-08 > 18:27:46 UTC (releng/10.0, r264267). The update is available with > freebsd-update. All other supported FreeBSD branches are not affected by > this issue. > > Users who use TLS client and/or server are strongly advised to apply > updates > immediately. > > Because of the nature of this issue, it's also recommended for system > administrators to consider revoking all of server certificate, client > certificate and keys that is used with these systems and invalidate active > authentication credentials with a forced passphrase change. > > Formal security advisories would be announced later today. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (FreeBSD) > > iQIcBAEBCgAGBQJTRF6nAAoJEO1n7NZdz2rnA7AP/jG89g90O5ULI3aXZOeeYH6U > /l3Cb5/vUgEQWiG5HO50lID3fJOktTWvwMBs+q7E7vaGJ4icL5kl816Zucj3cI8j > H4JZZVYWbY1cBET2sNAxz5+XqGvERL8LUj8+hvVxo5L071plAbiucnvisx4K9Vyd > IQryUOvRwxUUbmOXIVbfPLoY4VJFT+fDMxEXjeOh3vFWXftg5v4KaB9jYCRKBiAo > BTEKlU1/bVjkJ4sU5ApavMOuyeqqOPTxLpqs6+9bsPUsBoiMR1LyxrWW9tWPb/x+ > LKoLwwkHwjHmrCx9ob/L5jNtOiLeFAsN/Rvox8eLLCb2VRe90dkMKazAJCGT/Shf > DKRo4jlRCVqmHofc96+bWBGDGHvTT7xY3MZQYU9IEHIXSzAgxykXmyYSdIDm6bxk > tsladfGEpKNzpwQXbuzLFXjl0nd87P1ZcPh+cDprP4+b68knfAXDIF/ca7mVD00B > PTIUmXOSuvmYfhQyY4lurB3vjbWoJv06JkYJRe4luPyZiEulw7PNNPqR0BqR4vPX > R9VhOhDhXn1AJcF8urTMIwZ3tGyhwWbOjqOgAdI9jW4gTTtXqwwesWhjX0ZghzRf > Pqs9T7IrZ4pNvfHBETSc7JN/9kpspTEm/a2tUalEIKIErSxmaOAWUTethrjf3lyd > kNC30mma046jR7E4/ccB > =J3Tm > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-annou...@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-announce > To unsubscribe, send any mail to "freebsd-announce-unsubscr...@freebsd.org > " > > > > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd > > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd > > ------------------------- > Histórico: http://www.fug.com.br/historico/html/freebsd/ > Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd > ------------------------- Histórico: http://www.fug.com.br/historico/html/freebsd/ Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd