Hi, as you might know about a severe security vulnerability was found on the OpenSSL package earlier. [1] (CVE-2014-0160) The GNOME Sysadmin Team acted on it and applied the relevant security update on every single machine hosted. Additionally all the previous SSL certificates were revoked and replaced by a new set of certificates. If you are running any SSL-related plugin on your browser you'll surely be warned the SSL certificates for the following domains have changed during the past 24 hours: 1. *.gnome.org 2. *.guadec.org 3. *.gimp.org That said I would still suggest everyone to update their passwords (on any of the hosted services used before today) in case the private keys were compromised and the user password was sent and captured by the attacker using the Heartbleed bug. Sessions on the hosted services have also been cleared. Have an awesome day everyone and please mail <support AT gnome DOT org> in case of problems. -- Cheers, Andrea Debian Developer, Fedora / EPEL packager, GNOME Sysadmin Team Coordinator, GNOME Foundation Membership & Elections Committee Chairman Homepage: http://www.gnome.org/~av
Attachment:
signature.asc
Description: Digital signature