[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL



> http://heartbleed.com/
>
> The Heartbleed Bug is a serious vulnerability in the popular OpenSSL
> cryptographic software library. This weakness allows stealing the
> information protected, under normal conditions, by the SSL/TLS encryption
> used to secure the Internet. SSL/TLS provides communication security and
> privacy over the Internet for applications such as web, email, instant
> messaging (IM) and some virtual private networks (VPNs).
>
> The Heartbleed bug allows anyone on the Internet to read the memory of the
> systems protected by the vulnerable versions of the OpenSSL software. This
> compromises the secret keys used to identify the service providers and to
> encrypt the traffic, the names and passwords of the users and the actual
> content. This allows attackers to eavesdrop communications, steal data
> directly from the services and users and to impersonate services and users.

Patch your stuff.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk