Am 11.04.2014 18:34 schrieb Jim Ohlstein:
> Thanks for the link. On a quick read it seems their conclusion is
> that while it is *extremely* unlikely that your private key(s)
> was/were stolen using nginx, you should still re-key and revoke. While
> comforting, not really of any great practical help.
Adding info from
http://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/
it looks like for tests so far only freebsd/apache2 is a combo where
private key data could leak.
> Nice that CloudFlare (and no doubt others) received significant
> advance warning while the rest of us were left vulnerable. Just
> sayin...
Really.. those with deep pockets get warning "in advance". Blah.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx