|
All, I'm sure you have all heard about the Heartbleed bug by now. If not, you definitely need to read up on it and take appropriate action. A Cyrus admin (not at CMU) has recently run the check-ssl-heartbleed script against his server which was using one of the effected versions of OpenSSL and was easily able to capture usernames and passwords, including the admin password. Again, please check the versions of OpenSSL on your servers and patch or upgrade them ASAP. Regards, Ken -- Kenneth Murchison Principal Systems Software Engineer Carnegie Mellon University |
---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
