Re: Heartbleed warning - Cyrus admin password leak!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Apr 13, 2014, at 12:55 PM, Bron Gondwana wrote:
> Finally, as Ken mentioned, if you have an SSL-enabled Cyrus listening
> to the internet, you admin password may have been stolen already.
> Upgrading OpenSSL won't stop future login attempts with that stolen
> password.

Your private key may also have been stolen. You'll need to regenerate
your private key and certificate (or get a new from from your CA), and
get the old one revoked.

Cheers,
Rob N.
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus




[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux