On Thu, Apr 17, 2014 at 08:58:46PM +0200, Lars Kumbier wrote: > I'm supposedly running one of the still affected tor-relays and since my > relay is also a guard, I'm in the latest blocklist[1] (pre-upgrade > fingerprint). I did upgrade the system on April 9th to openssl > 1.0.1-4ubuntu5.12 - base system is an ubuntu 12.04. > > According to the changelog[2], this should have fixed the heartbleed > issue and according to this scanner[3], it should be as well. I did > create new keys anyway, but just to be sure: Is the host[4] still > affected as given in the blocklist? > > Best, > Lars > __________________________________ > [1] > https://atlas.torproject.org/#details/9AB511B6894566C1CF56043CE60077D213CF1A1A > [2] https://launchpad.net/ubuntu/+source/openssl/1.0.1-4ubuntu5.12 > [3] https://filippo.io/Heartbleed/#tor.kumbier.it > [4] tor running on 5.9.165.90:443 A router at that IP with identity 9AB511B6894566C1CF56043CE60077D213CF1A1A tested positive for Heartbleed several times, most recently at 2014-04-17 10:19:18, before testing negative at 2014-04-17 18:51:46 (all times UTC). If you rotate the key you should be fine, but that key is potentially exposed. -- Andrea Shepard <andrea@xxxxxxxxxxxxxx> PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536 PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
Attachment:
pgpyDEfLC5RRq.pgp
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays