[MPlayer-DOCS] OpenSSL Heartbeat bug

Alexander Strasser eclipse7 at gmx.net
Fri Apr 18 20:08:35 CEST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Our server hosting the Trac issue tracker was vulnerable to the attack
against OpenSSL known as "heartbleed". The OpenSSL software library was
updated on 7th of April, shortly after the vulnerability was publicly
disclosed. We have changed the private keys (and certificates) for all
MPlayer servers. The new SHA1 fingerprints are:

mplayerhq.hu:      d0 4c 1f d0 08 f6 e0 24 f0 2c 31 de 4d 01 45 04 32 2e 36 29
trac.mplayerhq.hu: 2a 1c d7 a5 7e 39 6a bc c3 55 22 88 ba 2a cd e0 1f c1 9f 6e

We encourage you to read up on "OpenSSL heartbleed"[1]. It is possible
that login data for the issue tracker was exposed to people exploiting
this security hole. You might want to change your password in the tracker
and everywhere else you used that same password.


[1] For example here: https://www.schneier.com/blog/archives/2014/04/heartbleed.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlNRaiMACgkQp9ile6h25Y/EJACcCHS9yEm8hhZbd9NkCE8d5uUW
HCcAn3mTmnGUdtvuM3Vh8fSOYl/LUTn8
=HSfg
-----END PGP SIGNATURE-----


More information about the MPlayer-DOCS mailing list