[FUG-BR] RES: RES: Fwd: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug

Quarta Abril 9 04:44:10 BRT 2014

Oi,

Pra quem usa essa versão de openssl afetada (10.0), e tem um site com
grande audiência/risco de segurança, estão recomendando regovar as chaves e
gerar novas.

Abs,
Helio Loureiro
http://helio.loureiro.eng.br
http://br.linkedin.com/in/helioloureiro
http://twitter.com/helioloureiro
http://gplus.to/helioloureiro

2014-04-09 4:04 GMT+02:00 Wendell Candido de Almeida <
wendell em pontualcargas.com.br>:

> Link saiu quebrado.. agora correto...
>
>
> http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d
> eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml
>
> Em uma linguagem mais didática...
>
>
> http://info.abril.com.br/noticias/seguranca/2014/04/falha-grave-no-openssl-d
> eixa-dados-sigilosos-vulneraveis-em-servidores-pela-web.shtml
>
>
> Wendell
>
>
> -----Mensagem original-----
> De: freebsd-bounces em fug.com.br [mailto:freebsd-bounces em fug.com.br] Em nome
> de Marcelo Gondim Enviada em: terça-feira, 8 de abril de 2014 18:48
> Para: "Lista Brasileira de Discussão sobre FreeBSD (FUG-BR)"
> Assunto: [FUG-BR] Fwd: [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug
>
> A coisa parece que foi séria dessa vez.
>
>
> -------- Mensagem original --------
> Assunto:        [FreeBSD-Announce] HEADSUP! OpenSSL "Heartbleed" bug
> Data:   Tue, 8 Apr 2014 20:42:29 GMT
> De:     FreeBSD Security Officer <security-officer em freebsd.org>
> Responder a:    freebsd-security em freebsd.org
> Para:   FreeBSD Security Advisories <security-advisories em freebsd.org>
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi,
>
> This is a heads-up for the OpenSSL "Heartbleed" bug.
>
> FreeBSD port security/openssl have been patched on 2014-04-07 21:46:40 UTC
> (head, r350548) and 2014-04-07 21:48:07 UTC (branches/2014Q2, r350549).
>
> FreeBSD base system have been patched on 2014-04-08 18:27:32 UTC (head,
> r264265), 2014-04-08 18:27:39 UTC (stable/10, r264266), 2014-04-08
> 18:27:46 UTC (releng/10.0, r264267).  The update is available with
> freebsd-update.  All other supported FreeBSD branches are not affected by
> this issue.
>
> Users who use TLS client and/or server are strongly advised to apply
> updates
> immediately.
>
> Because of the nature of this issue, it's also recommended for system
> administrators to consider revoking all of server certificate, client
> certificate and keys that is used with these systems and invalidate active
> authentication credentials with a forced passphrase change.
>
> Formal security advisories would be announced later today.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (FreeBSD)
>
> iQIcBAEBCgAGBQJTRF6nAAoJEO1n7NZdz2rnA7AP/jG89g90O5ULI3aXZOeeYH6U
> /l3Cb5/vUgEQWiG5HO50lID3fJOktTWvwMBs+q7E7vaGJ4icL5kl816Zucj3cI8j
> H4JZZVYWbY1cBET2sNAxz5+XqGvERL8LUj8+hvVxo5L071plAbiucnvisx4K9Vyd
> IQryUOvRwxUUbmOXIVbfPLoY4VJFT+fDMxEXjeOh3vFWXftg5v4KaB9jYCRKBiAo
> BTEKlU1/bVjkJ4sU5ApavMOuyeqqOPTxLpqs6+9bsPUsBoiMR1LyxrWW9tWPb/x+
> LKoLwwkHwjHmrCx9ob/L5jNtOiLeFAsN/Rvox8eLLCb2VRe90dkMKazAJCGT/Shf
> DKRo4jlRCVqmHofc96+bWBGDGHvTT7xY3MZQYU9IEHIXSzAgxykXmyYSdIDm6bxk
> tsladfGEpKNzpwQXbuzLFXjl0nd87P1ZcPh+cDprP4+b68knfAXDIF/ca7mVD00B
> PTIUmXOSuvmYfhQyY4lurB3vjbWoJv06JkYJRe4luPyZiEulw7PNNPqR0BqR4vPX
> R9VhOhDhXn1AJcF8urTMIwZ3tGyhwWbOjqOgAdI9jW4gTTtXqwwesWhjX0ZghzRf
> Pqs9T7IrZ4pNvfHBETSc7JN/9kpspTEm/a2tUalEIKIErSxmaOAWUTethrjf3lyd
> kNC30mma046jR7E4/ccB
> =J3Tm
> -----END PGP SIGNATURE-----
> _______________________________________________
> freebsd-announce em freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-announce
> To unsubscribe, send any mail to "freebsd-announce-unsubscribe em freebsd.org
> "
>
>
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>
> -------------------------
> Histórico: http://www.fug.com.br/historico/html/freebsd/
> Sair da lista: https://www.fug.com.br/mailman/listinfo/freebsd
>