Fedora Infrastructure SSL certificate changes for Openssl vulnerability (CVE-2014-0160/heartbleed)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Greetings. 

In the wake of the recent openssl vulnerability, we have now  reissued
all the public facing SSL certificates used by the Fedora Project, as
well as a number of internal only ones.

This includes: 

*.fedoraproject.org (wildcard certificate)
*.fedorahosted.org (wildcard certificate)
*.id.fedoraproject.org (wildcard certificate)
*.stg.fedoraproject.org (wildcard certificate)
copr.fedoraproject.org
copr-be.cloud.fedoraproject.org
retrace.fedoraproject.org
koji.fedoraproject.org/pkgs.fedoraproject.org

Internally we have completely re-keyed our puppet, openvpn, and fedmsg
certs as a precaution. 

If you were holding off changing your Fedora Account System password
until new certs were issued, feel free to do so now. 

As always, Fedora account system account holders are encouraged to
notify admin@xxxxxxxxxxxxxxxxx if they see any out of the ordinary
activity on their accounts (changes to Fedora accounts generate email
to the account holder). If you see a change you didn't initiate, please
let us know. 

Thanks for your patience, 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
announce mailing list
announce@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/announce

[Index of Archives]     [Fedora Package Announce]     [Fedora Users]     [Fedora Package Review]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]     [Yosemite Camping]     [Fedora Users]

  Powered by Linux