given the vulnerability https://www.openssl.org/news/secadv_20140407.txt that affects OpenSSL 1.0.1 and 1.0.2-beta, it would be important that you all recompile pyOpenSSL on Tor2web nodes against OpenSSL 1.0.1g.
Steps to do so: apt-get update && apt-get dist-upgrade (or at least libssl-dev package for fixing only tor2web) pip uninstall pyOpenssl -y pip install pyOpenssl==0.14 /etc/init.d/tor2web restart it's really important that you do so as the vulnerability may compromise your SSL certificate. evil _______________________________________________ Tor2web-talk mailing list [email protected] http://lists.tor2web.org/listinfo/tor2web-talk
