[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 7 Apr 2014 19:14:36 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 07 Apr 2014 19:26:33 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=YJAcFZS4dEwOoWOcUpEO9UTbH/eGp4JtO/rzC4r8W4M=; b=Lu/Pqp7g5Ln6xb72OMMw4j2Eczx5e44i2Occ6DHWcLb1wsp2ddUAOCiPlUL+McNyFj kJKsLij2JSAnjrHiaYb+QO1g7LEBVJBuTUsuaHngzSIFJUVXwgXecWNaqovUvF7zJv0a n9Nn9QS3iTuzIsUud09ESX/oGymvYi4W77kx3NraYpO4tYXAkfWY9zob4BXH56w+PbRc cpH7t8ItpMCR/lb2pamIn4jZqSsjXCaTcFJwGrOKs/v78MqwbPzih8EF18Peg8HNHVgX KKwhhZkEVtLBqDcHtSSLjcnB1WS07NdnwnaIy405pXJxrKJsVJTADIwPr8u6i1qt8M8Y 58jA==
In-reply-to: <CAEzaO-X2-_+uDdxpi3XqXWLCG6PAHTKMASLZWz3pMMZFQ2_DDQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAEzaO-X2-_+uDdxpi3XqXWLCG6PAHTKMASLZWz3pMMZFQ2_DDQ@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> http://heartbleed.com/
>
> The Heartbleed Bug is a serious vulnerability in the popular OpenSSL
> cryptographic software library. This weakness allows stealing the
> information protected, under normal conditions, by the SSL/TLS encryption
> used to secure the Internet. SSL/TLS provides communication security and
> privacy over the Internet for applications such as web, email, instant
> messaging (IM) and some virtual private networks (VPNs).
>
> The Heartbleed bug allows anyone on the Internet to read the memory of the
> systems protected by the vulnerable versions of the OpenSSL software. This
> compromises the secret keys used to identify the service providers and to
> encrypt the traffic, the names and passwords of the users and the actual
> content. This allows attackers to eavesdrop communications, steal data
> directly from the services and users and to impersonate services and users.

Patch your stuff.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
  - From: Damian Johnson
- Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
  - From: Joe Btfsplk

Prev by Author: Re: [tor-talk] How safe is smartphones today?
Next by Author: [tor-talk] Meanwhile as the internet reboots...
Previous by thread: Re: [tor-talk] torbutton icon disappeared
Next by thread: Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
Index(es):
- Author
- Thread