OpenSSL Status

Inasmuch as Heartbleed is forcing admins all over the internet to patch their servers, and inasmuch as it's considered wise to change one's passwords after said patching, I'm wondering if PM:

was ever vulnerable to the OpenSSL issue known as Heartbleed, and
if we're all patched, so I can reset my password.

Thanks muchly,

-Dave

Comment on OpenSSL Status

Replies are listed 'Best First'.
Re: OpenSSL Status by BrowserUk (Patriarch) on Apr 19, 2014 at 23:00 UTC
If the urls you use at any given site do not start with https, then that site is not vulnerable to Heartbleed. (None of PMs urls do!) Of course, it also means that that site is probably vulnerable to pretty much every other exploit going. With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday' Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error. "Science is about questioning the status quo. Questioning authority". In the absence of evidence, opinion is indistinguishable from prejudice.	[reply]
Re: OpenSSL Status by trippledubs (Deacon) on Apr 20, 2014 at 00:59 UTC
The rest of the internet is affected, but not PM. If you use the same passwords across multiple sites, you have to worry about someone getting your password from site a and then using it on site b. There is a good list of passwords you need to change at http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/	[reply]

Back to Perl Monks Discussion