[Dovecot] Heartbleed openssl vulnerability?

Reindl Harald h.reindl at thelounge.net
Wed Apr 9 17:10:28 UTC 2014


Am 09.04.2014 19:03, schrieb Robert Schetterer:
> Am 09.04.2014 18:42, schrieb Charles Marcus:
>> What are the ramifications of changing this on a production server? Any
>> possible problems/gotchas? user impact?
> 
> in my understanding change ssl key and crts , do all needed ssl updates
> keep performance mode, if unsure change all passwords too

passwords too, in security mode only keys would have been
affected and since this is a attack which no single
indication that it ever happened on a machine there
is no likely or unlikely



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140409/c6dbd9d2/attachment.sig>


More information about the dovecot mailing list