10 APR 2014


Have you checked your heart lately? Good.
How about your OpenSSL library? No? Well, you should.

There is a rather dangerous OpenSSL bug on the wild, that affects versions 1.0.1 to 1.0.1f (inclusive). Briefly, all services that employ HTTPS and use the buggy OpenSSL library are exposed to sensitive information leaks. Passwords, certificates and just about anything you want to keep private can be stolen. For a more thorough explanation on this subject, we suggest you read this site, which has all the information you need.

The ~okeanos service has taken the necessary measures against this bug. If however you are concerned if your password or token has leaked, we suggest you change them immediately. You can change your password from your profile page and you can update your token from the API access page.

Finally, note that although our official Images by default are not vulnerable to this bug, if you run a service that uses HTTPS then you are possibly vulnerable and you are urged to update your OpenSSL library.

Stay safe,
the ~okeanos team

posted by helpdesk on April 10, 2014, 4:17 p.m., filed under all , security , spotlight , cyclades

< Back