On 19/12/2014 Andrea Pescetti wrote:
Infra was notified on the same day and was supposed to handle that at
the earliest possible occasion (which ought to be last week, but then
other priorities came up). Remember that there is a system of reverse
proxies installed, so what you see from outside
NoOp wrote:
On the user mailing list I posted the following on 12/09/2014
Infra was notified on the same day and was supposed to handle that at
the earliest possible occasion (which ought to be last week, but then
other priorities came up). Remember that there is a system of reverse
proxies
On the user mailing list I posted the following on 12/09/2014:
Andrea,
You might want to take a closer look at your servers - certs are good but:
This server is vulnerable to the OpenSSL CCS vulnerability
(CVE-2014-0224) and exploitable. Grade set to F.
